Sensitive Information Exposure in Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers

CVE-2024-39822

6.5MEDIUM

Key Information

Vendor: Zoom
Status: Rooms Controller; Rooms; Meeting Software Development Kit; Workplace
Vendor: CVE Published:; 14 August 2024

Summary

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 14, 2024

Collectors

NVD Database