CVE-2024-24691

{"id": "CVE-2024-24691", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-02-14T00:15:47.200", "references": [{"url": "https://www.zoom.com/en/trust/security-bulletin/ZSB-24008/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.zoom.com/en/trust/security-bulletin/ZSB-24008/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-176"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access."}, {"lang": "es", "value": "Una validaci\u00f3n de entrada incorrecta en Zoom Desktop Client para Windows, Zoom VDI Client para Windows y Zoom Meeting SDK para Windows puede permitir que un usuario no autenticado realice una escalada de privilegios a trav\u00e9s del acceso a la red."}], "lastModified": "2024-11-21T08:59:30.850", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B72243E4-AFF7-4A69-934A-1170A6EDAE0F", "versionEndExcluding": "5.16.5"}, {"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "9D60A59A-2E09-48C6-82F6-995B7ADB330A", "versionEndExcluding": "5.17.0"}, {"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "DEC61EA8-8A9D-4E36-9B46-2B45ED1C5DB8", "versionEndExcluding": "5.14.14"}, {"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "390DFFB5-7BEA-41F2-B2E1-F0FED3766C1E", "versionEndExcluding": "5.15.12", "versionStartExcluding": "5.14.14"}, {"criteria": "cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "8B90CC0C-8000-44E1-8AA1-5E67081ECD2E", "versionEndExcluding": "5.16.10", "versionStartExcluding": "5.15.12"}, {"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "19B08EB3-7EBF-416F-91B9-4600E47567F7", "versionEndExcluding": "5.16.5"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}