Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Zoom
  • Yealink Mp54
  • Rooms
  • Poly Ccx 700 Firmware
  • Yealink Vp59
  • Yealink Vp59 Firmware
  • Poly Ccx 700
  • Poly Ccx 600
  • Zoom
  • Video Software Development Kit
  • Yealink Mp54 Firmware
  • Meetings
  • Yealink Mp56 Firmware
  • Poly Ccx 600 Firmware
  • Yealink Mp56

Configuration 1 [-]

OR cpe:2.3:a:zoom:meetings:5.15.0:*:*:*:*:android:*:*
cpe:2.3:a:zoom:meetings:5.15.0:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:meetings:5.15.0:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.15.1:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms:5.15.0:*:*:*:*:ipad_os:*:*
cpe:2.3:a:zoom:rooms:5.15.0:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms:5.15.0:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:video_software_development_kit:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:zoom:zoom:5.15.0:*:*:*:*:android:*:*
cpe:2.3:a:zoom:zoom:5.15.0:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:zoom:5.15.0:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:zoom:5.15.0:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:zoom:5.15.0:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:zoom:5.15.1:*:*:*:*:windows:*:*

Configuration 2 [-]

AND
cpe:2.3:o:zoom:poly_ccx_700_firmware:5.15.0:*:*:*:*:*:*:*
cpe:2.3:h:zoom:poly_ccx_700:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:zoom:poly_ccx_600_firmware:5.15.0:*:*:*:*:*:*:*
cpe:2.3:h:zoom:poly_ccx_600:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:zoom:yealink_vp59_firmware:5.15.0:*:*:*:*:*:*:*
cpe:2.3:h:zoom:yealink_vp59:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:zoom:yealink_mp54_firmware:5.15.0:*:*:*:*:*:*:*
cpe:2.3:h:zoom:yealink_mp54:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:zoom:yealink_mp56_firmware:5.15.0:*:*:*:*:*:*:*
cpe:2.3:h:zoom:yealink_mp56:-:*:*:*:*:*:*:*
References
Link Resource
https://explore.zoom.us/en/trust/security/security-bulletin/ Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: Zoom

Published: 2023-06-30T02:01:21.401Z

Updated: 2023-06-30T02:04:40.019Z

Reserved: 2023-06-22T18:04:31.169Z

Link: CVE-2023-36539

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-06-30T03:15:09.747

Modified: 2023-07-10T13:29:00.263

Link: CVE-2023-36539

JSON object: View

cve-icon Redhat Information

No data.

CWE