Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:NZoom Workplace Virtual Desktop Infrastructure
APPZoom< 6.3.146.4.0 – 6.4.14 (bez)6.5.0 – 6.5.10 (bez)
Powiązane podatności
Zoom Workplace dla Windows — privilege escalation przez kontrolę ścieżki pliku w funkcji Mail
Untrusted search path w klientach Zoom dla Windows — privilege escalation przez sieć
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before vers...
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an aut...
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct a...