CVE-2024-24699
Zoom Clients - Business Logic Error
In short
A flaw in Zoom's logic allows authenticated users to access and view information they shouldn't be able to see through the network. This could expose sensitive data to people who have legitimate access to Zoom.
Technical detail
A business logic error in Zoom clients permits authenticated users to perform unauthorized information disclosure via network access. The vulnerability requires prior authentication and allows attackers to bypass access controls to view restricted data.
Summary generated and translated by AI from the official description.
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Zoom Video Communications, Inc. · Zoom ClientsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →