Unauthenticated Denial of Service Vulnerability in Zoom Apps
CVE-2024-45422

7.5HIGH

Key Information:

Vendor

Zoom
Status
Zoom Workplace Apps, Sdks, Rooms Clients, And Rooms Controllers
Vendor
CVE Published:
19 November 2024

What is CVE-2024-45422?

A vulnerability exists in Zoom Apps prior to version 6.2.0 due to improper input validation, allowing an unauthenticated user to exploit the flaw. This exploitation could lead to a denial of service, disrupting normal operations and potentially affecting user access to the application. Organizations using these apps should promptly update to the latest version to mitigate this risk.

Affected Version(s)

Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24044

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2024-45422 : Unauthenticated Denial of Service Vulnerability in Zoom Apps