Описание
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secure version.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.9.6 (исключая)
cpe:2.3:a:zoom:meetings:*:*:*:*:*:macos:*:*
EPSS
Процентиль: 30%
0.00112
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-354
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secure version.
EPSS
Процентиль: 30%
0.00112
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-354