Zoom Products Multiple Vulnerabilities
Release Date:
17 Nov 2021
9981
Views
RISK: Medium Risk
TYPE: Clients - Productivity Products
Multiple vulnerabilities were identified in Zoom Products, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, security restriction bypass and denial of service condition on the targeted system.
Impact
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
- Remote Code Execution
System / Technologies affected
- Zoom On-Premise Meeting Connector Controller 4.6.365.20210703 prior versions
- Zoom On-Premise Meeting Connector MMR 4.6.365.20210703 prior versions
- Zoom On-Premise Recording Connector 3.8.45.20210703 prior versions
- Zoom On-Premise Virtual Room Connector 4.4.6868.20210703 prior versions
- Zoom On-Premise Virtual Room Connector Load Balancer 2.5.5496.20210703 prior versions
- Zoom Client for Meetings for Ubuntu Linux 5.1.0 prior versions
- Zoom Client for Meetings for Windows 5.5.4 prior versions
- Zoom Keybase Client for Android 5.8.0 prior versions
- Zoom Keybase Client for iOS 5.8.0 prior versions
- Zoom Keybase Client for Windows 5.7.0 prior versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://explore.zoom.us/en/trust/security/security-bulletin/?filter-cve=CVE-2021-34422%2CCVE-2021-34421%2CCVE-2021-34420%2CCVE-2021-34419%2CCVE-2021-34418%2CCVE-2021-34417&filter=&keywords=
Vulnerability Identifier
Source
Related Link
Related Tags
Share with