6.5

CVE-2023-39205

Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.

Data is provided by the National Vulnerability Database (NVD)
ZoomMeetings SwPlatformandroid Version < 5.16.0
ZoomMeetings SwPlatformiphone_os Version < 5.16.0
ZoomMeetings SwPlatformlinux Version < 5.16.0
ZoomMeetings SwPlatformmacos Version < 5.16.0
ZoomMeetings SwPlatformwindows Version < 5.16.0
ZoomVideo Software Development Kit SwPlatformandroid Version < 1.9.0
ZoomVideo Software Development Kit SwPlatformiphone_os Version < 1.9.0
ZoomVideo Software Development Kit SwPlatformlinux Version < 1.9.0
ZoomVideo Software Development Kit SwPlatformmacos Version < 1.9.0
ZoomVideo Software Development Kit SwPlatformwindows Version < 1.9.0
ZoomVirtual Desktop Infrastructure Version < 5.14.13
ZoomVirtual Desktop Infrastructure Version >= 5.15.0 < 5.15.11
ZoomZoom SwPlatformandroid Version < 5.16.0
ZoomZoom SwPlatformiphone_os Version < 5.16.0
ZoomZoom SwPlatformlinux Version < 5.16.0
ZoomZoom SwPlatformmacos Version < 5.16.0
ZoomZoom SwPlatformwindows Version < 5.16.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.37% 0.576
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
security@zoom.us 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.