CVE-2023-36535

Medium

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information…

Zoom·CWE-449·Published 2023-08-08

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

163 chars

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.

NVDen

163 chars

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.

La aplicación del lado del cliente de la seguridad del lado del servidor en los clientes en Zoom anteriores a la versión 5.14.10 puede permitir que un usuario autenticado permita la divulgación de información a través del acceso a la red.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.1	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L