CVE-2024-45422

EPSS 0.09%
Published 19.11.2024 20:15:31
Last modified 19.08.2025 14:08:46
Source security@zoom.us
Teams watchlist Login
Open Login

Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Zoom ≫ Meeting Software Development Kit SwPlatformandroid Version < 6.2.0

Zoom ≫ Meeting Software Development Kit SwPlatformiphone_os Version < 6.2.0

Zoom ≫ Meeting Software Development Kit SwPlatformlinux Version < 6.2.0

Zoom ≫ Meeting Software Development Kit SwPlatformmacos Version < 6.2.0

Zoom ≫ Meeting Software Development Kit SwPlatformwindows Version < 6.2.0

Zoom ≫ Rooms SwPlatformipados Version < 6.2.0

Zoom ≫ Rooms SwPlatformmacos Version < 6.2.0

Zoom ≫ Rooms SwPlatformwindows Version < 6.2.0

Zoom ≫ Rooms Controller SwPlatformandroid Version < 6.2.0

Zoom ≫ Rooms Controller SwPlatformlinux Version < 6.2.0

Zoom ≫ Rooms Controller SwPlatformmacos Version < 6.2.0

Zoom ≫ Rooms Controller SwPlatformwindows Version < 6.2.0

Zoom ≫ Video Software Development Kit SwPlatformandroid Version < 6.2.0

Zoom ≫ Video Software Development Kit SwPlatformiphone_os Version < 6.2.0

Zoom ≫ Video Software Development Kit SwPlatformlinux Version < 6.2.0

Zoom ≫ Video Software Development Kit SwPlatformmacos Version < 6.2.0

Zoom ≫ Video Software Development Kit SwPlatformwindows Version < 6.2.0

Zoom ≫ Workplace SwPlatformandroid Version < 6.2.0

Zoom ≫ Workplace SwPlatformiphone_os Version < 6.2.0

Zoom ≫ Workplace Desktop SwPlatformlinux Version < 6.2.0

Zoom ≫ Workplace Desktop SwPlatformmacos Version < 6.2.0

Zoom ≫ Workplace Desktop SwPlatformwindows Version < 6.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.256

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security@zoom.us	6.5	3.9	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.zoom.com/en/trust/security-bulletin/zsb-24044

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-45422

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45422

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45422

EUVD