Описание
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zoom:meetings:4.6.11:*:*:*:*:windows:*:*
EPSS
Процентиль: 52%
0.00289
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-330
CWE-330
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption.
EPSS
Процентиль: 52%
0.00289
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-330
CWE-330