Vulnerability · NVD

CVE-2023-34114

HIGH 7.4 Published on 2023-06-13

Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.

Attack vector : Network No privileges required

Show raw CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

EPSS 0.29% above median percentile 52.9%

Tracked apps referencing this CVE

For each app: the affected range, the fixing version, and where the tracked app stands today.

Zoom macOS us.zoom.xos

Affected <5.14.10 Fixed in 5.14.10 Latest tracked — undetermined
Zoom Workplace Windows winget:Zoom.Zoom

Affected <5.14.10 Fixed in 5.14.10 Latest tracked 7.0.38856 patched

Vulnerable CPE configurations (2)

Vendor	Product	Platform	Versions	CPE 2.3 URI
zoom	zoom macOS	macOS	<5.14.10	cpe:2.3:a:zoom:zoom::::::macos::*
zoom	zoom Windows	Windows	<5.14.10	cpe:2.3:a:zoom:zoom::::::windows::*

View on NVD ↗