CVE-2023-36539

Summary

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications, Inc.Zoom clientsSee references link for ZSB-23025affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-325: CWE-325 Missing Cryptographic Step

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References