Vulnerabilities > CVE-2022-28761 - Unspecified vulnerability in Zoom On-Premise Meeting Connector MMR

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

zoom

NVD

Published: 2022-10-14

Updated: 2022-10-18

Summary

Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions.

Vulnerable Configurations

Part	Description	Count
Application	Zoom Zoom Zoom ON Premise Meeting Connector MMR - Zoom Zoom ON Premise Meeting Connector MMR 4.6.239.20200613 Zoom Zoom ON Premise Meeting Connector MMR 4.6.365.20210703 Zoom Zoom ON Premise Meeting Connector MMR 4.8.102.20220310 Zoom Zoom ON Premise Meeting Connector MMR 4.8.20220815.130	5

References

https://explore.zoom.us/en/trust/security/security-bulletin/