CVE-2023-36535

7.1HIGH

Key Information

Vendor: Zoom Video Communications, Inc.
Status: Zoom Clients
Vendor: CVE Published:; 8 August 2023

Summary

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.

Affected Version(s)

Zoom Clients = before 5.14.10

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 6.5 to: 7.1 - (HIGH)
Oct 8, 2024
Risk change from: 6.5 to: 7.1 - (HIGH)
Sep 27, 2024
Vulnerability published.
Aug 8, 2023
Vulnerability Reserved.
Jun 22, 2023

Collectors

NVD DatabaseMitre Database

.