CVE-2024-24696

Published Feb 14, 2024

Last updated a month ago

Overview

Description
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
Source
security@zoom.us
NVD status
Analyzed

Social media

Hype score
Not currently trending

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo
security@zoom.us
CWE-20

Configurations