2023-11-15 00:55:21 +00:00
{
"id" : "CVE-2023-39204" ,
"sourceIdentifier" : "security@zoom.us" ,
"published" : "2023-11-14T23:15:08.687" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T08:14:54.570" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-11-15 00:55:21 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access."
2023-11-21 00:55:21 +00:00
} ,
{
"lang" : "es" ,
"value" : "El desbordamiento del b\u00fafer en algunos clientes de Zoom puede permitir que un usuario no autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso a la red."
2023-11-15 00:55:21 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
2023-11-21 00:55:21 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "security@zoom.us" ,
"type" : "Secondary" ,
2023-11-21 00:55:21 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-12-08 03:06:42 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" ,
"baseScore" : 4.3 ,
"baseSeverity" : "MEDIUM" ,
2023-11-21 00:55:21 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
2024-12-08 03:06:42 +00:00
"userInteraction" : "REQUIRED" ,
2023-11-21 00:55:21 +00:00
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "LOW"
2023-11-21 00:55:21 +00:00
} ,
2024-12-08 03:06:42 +00:00
"exploitabilityScore" : 2.8 ,
"impactScore" : 1.4
2023-11-21 00:55:21 +00:00
} ,
2023-11-15 00:55:21 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-11-15 00:55:21 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-12-08 03:06:42 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-11-15 00:55:21 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
2024-12-08 03:06:42 +00:00
"userInteraction" : "NONE" ,
2023-11-15 00:55:21 +00:00
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-11-15 00:55:21 +00:00
} ,
2024-12-08 03:06:42 +00:00
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
2023-11-15 00:55:21 +00:00
}
]
} ,
"weaknesses" : [
2023-11-21 00:55:21 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "security@zoom.us" ,
"type" : "Secondary" ,
2023-11-21 00:55:21 +00:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-120"
}
]
} ,
2023-11-15 00:55:21 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-11-15 00:55:21 +00:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-120"
}
]
}
] ,
2023-11-21 00:55:21 +00:00
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:meetings:*:*:*:*:*:android:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "6542B8C0-31B4-40A0-B6F3-136C5A16EFE8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:meetings:*:*:*:*:*:iphone_os:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "5722E765-C79A-4A21-9E03-2634D5E7F2F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:meetings:*:*:*:*:*:linux:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "86B49D79-7C51-46BE-87C2-93717D687531"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:meetings:*:*:*:*:*:macos:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "F6679219-E822-4E14-98CF-1661E343143E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:meetings:*:*:*:*:*:windows:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "63776027-642A-4B76-A561-F658045ECBD3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:android:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "81A22013-04BC-4F45-8295-81C5FD441FC1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipad_os:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "B399594A-A021-4CCF-BD2D-3E43FC0BF8B2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "0DACEF42-D48D-4CDD-B72C-0C1C2A63DF96"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "5C73290C-5F04-40AC-BFD8-64E2E53E3EF0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:android:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "C29E2E20-94A0-4516-8815-F634290D1C3A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:iphone_os:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "10213F87-D42E-47F0-A0E4-3EEC68D024B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:linux:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "6E3A49AF-5716-4516-8BC5-2DF788E6608C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:macos:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "24D1C345-4BF0-4027-A7C1-4D2FD8106EFB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:windows:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "DE7C3EFB-8CDF-447F-BDFC-2914C7DF8449"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "5.14.13" ,
"matchCriteriaId" : "4D26E2D3-9148-44AA-8AF0-A3E58704F532"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.15.0" ,
"versionEndExcluding" : "5.15.11" ,
"matchCriteriaId" : "C3B28CE5-ABB5-43C4-8BB4-133050E0821E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:zoom:*:*:*:*:*:android:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "229A05D6-27BE-46A0-ADA8-C37873A24EA0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:zoom:*:*:*:*:*:iphone_os:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "42CDC31F-325B-43A1-8266-34317C644630"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:zoom:*:*:*:*:*:linux:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "C7B42405-380C-42AD-9B87-99EB92E433BE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "351C219A-492B-4DC8-B92F-1B609A16459A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*" ,
"versionEndExcluding" : "5.15.10" ,
"matchCriteriaId" : "3D834D47-BF15-461E-A908-3F7A919C2ED2"
}
]
}
]
}
] ,
2023-11-15 00:55:21 +00:00
"references" : [
{
"url" : "https://explore.zoom.us/en/trust/security/security-bulletin/" ,
2023-11-21 00:55:21 +00:00
"source" : "security@zoom.us" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://explore.zoom.us/en/trust/security/security-bulletin/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-11-15 00:55:21 +00:00
}
]
}
