CVE-2024-39822

Summary

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

Affected Software

VendorProductVersion RangeStatus
Zoom Communications Inc.Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllerssee referencesaffected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References