Skip to main content

Meeting Connector

6 CVEs product

Monthly

CVE-2022-28754 MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28753 MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28750 CRITICAL Act Now

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow Meeting Connector
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-34416 CRITICAL Act Now

The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Meeting Connector Recording Connector Virtual Room Connector Virtual Room Connector Load Balancer
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-34415 HIGH This Week

The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Meeting Connector
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-34414 HIGH This Week

The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Meeting Connector Recording Connector Virtual Room Connector Virtual Room Connector Load Balancer
NVD
CVSS 3.1
7.2
EPSS
1.5%
EPSS 0% CVSS 5.4
MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Meeting Connector
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Meeting Connector Recording Connector +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Meeting Connector
NVD
EPSS 2% CVSS 7.2
HIGH This Week

The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Meeting Connector Recording Connector +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy