CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28761 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28761
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220916.131, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso en una reunión o seminario web al que está au... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28759 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28759
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28760 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28760
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28758 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28758
16 Sep 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiada. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 50EXPL: 1CVE-2021-34424 – Process memory exposure in Zoom Client and other products
https://notcve.org/view.php?id=CVE-2021-34424
24 Nov 2021 — A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Window... • https://packetstorm.news/files/id/165419 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 51EXPL: 1CVE-2021-34423 – Buffer overflow in Zoom client and other products
https://notcve.org/view.php?id=CVE-2021-34423
24 Nov 2021 — A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS... • https://packetstorm.news/files/id/165417 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-34417 – Authenticated remote command execution with root privileges via web console in MMR
https://notcve.org/view.php?id=CVE-2021-34417
11 Nov 2021 — The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoom On-Premise Meeting Connector MMR before version 4.6.365.20210703, Zoom On-Premise Recording Connector before version 3.8.45.20210703, Zoom On-Premise Virtual Room Connector before version 4.4.6868.20210703, and Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5496.20210703 fails to validate input sent in requests to set the network proxy password. This co... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-34418 – Pre-auth Null pointer crash in on-premise web console
https://notcve.org/view.php?id=CVE-2021-34418
11 Nov 2021 — The login routine of the web console in the Zoom On-Premise Meeting Connector before version 4.6.239.20200613, Zoom On-Premise Meeting Connector MMR before version 4.6.239.20200613, Zoom On-Premise Recording Connector before version 3.8.42.20200905, Zoom On-Premise Virtual Room Connector before version 4.4.6344.20200612, and Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5492.20200616 fails to validate that a NULL byte was sent while authenticating. This could lead to a crash of the... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-476: NULL Pointer Dereference •