7.5

CVE-2024-27241

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZoomMeeting Software Development Kit SwPlatformandroid Version < 6.0.0
ZoomMeeting Software Development Kit SwPlatformiphone_os Version < 6.0.0
ZoomMeeting Software Development Kit SwPlatformlinux Version < 6.0.0
ZoomMeeting Software Development Kit SwPlatformmacos Version < 6.0.0
ZoomMeeting Software Development Kit SwPlatformwindows Version < 6.0.0
ZoomRooms SwPlatformipados Version < 6.0.0
ZoomRooms SwPlatformmacos Version < 6.0.0
ZoomRooms SwPlatformwindows Version < 6.0.0
ZoomWorkplace SwPlatformandroid Version < 6.0.0
ZoomWorkplace SwPlatformiphone_os Version < 6.0.0
ZoomWorkplace Desktop SwPlatformlinux Version < 6.0.0
ZoomWorkplace Desktop SwPlatformmacos Version < 6.0.0
ZoomWorkplace Desktop SwPlatformwindows Version < 6.0.0
ZoomWorkplace Virtual Desktop Infrastructure SwPlatformwindows Version < 5.17.13
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.336
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security@zoom.us 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.