CVE-2022-28753

Summary

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications IncZoom On-Premise Meeting Connector MMRunspecified < 4.8.129.20220714affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References