admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-246xx/CVE-2024-24691.json
cad-safe-bot cf66c15518 Auto-Update: 2024-10-04T16:00:18.456471+00:00
2024-10-04 16:03:17 +00:00

143 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-24691",
"sourceIdentifier": "security@zoom.us",
"published": "2024-02-14T00:15:47.200",
"lastModified": "2024-10-04T15:43:02.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access."
},
{
"lang": "es",
"value": "Una validaci\u00f3n de entrada incorrecta en Zoom Desktop Client para Windows, Zoom VDI Client para Windows y Zoom Meeting SDK para Windows puede permitir que un usuario no autenticado realice una escalada de privilegios a trav\u00e9s del acceso a la red."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-176"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.16.5",
"matchCriteriaId": "B72243E4-AFF7-4A69-934A-1170A6EDAE0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.17.0",
"matchCriteriaId": "9D60A59A-2E09-48C6-82F6-995B7ADB330A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.14",
"matchCriteriaId": "DEC61EA8-8A9D-4E36-9B46-2B45ED1C5DB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*",
"versionStartExcluding": "5.14.14",
"versionEndExcluding": "5.15.12",
"matchCriteriaId": "390DFFB5-7BEA-41F2-B2E1-F0FED3766C1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*",
"versionStartExcluding": "5.15.12",
"versionEndExcluding": "5.16.10",
"matchCriteriaId": "8B90CC0C-8000-44E1-8AA1-5E67081ECD2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.16.5",
"matchCriteriaId": "19B08EB3-7EBF-416F-91B9-4600E47567F7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/ZSB-24008/",
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink