Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Thu, 02 Oct 2025 21:00:00 +0000

Type Values Removed Values Added
Description Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Title Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing Authorization
Weaknesses CWE-862

Wed, 04 Sep 2024 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Zoom
Zoom meeting Software Development Kit
Zoom rooms
Zoom rooms Controller
Zoom workplace
Zoom workplace Desktop
Zoom workplace Virtual Desktop Infrastructure
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipados:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*
Vendors & Products Zoom
Zoom meeting Software Development Kit
Zoom rooms
Zoom rooms Controller
Zoom workplace
Zoom workplace Desktop
Zoom workplace Virtual Desktop Infrastructure

Thu, 15 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 14 Aug 2024 16:45:00 +0000

Type Values Removed Values Added
Description Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Title Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
Weaknesses CWE-200
References
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Zoom

Published:

Updated: 2025-10-02T20:53:49.416Z

Reserved: 2024-08-01T19:13:16.137Z

Link: CVE-2024-42434

cve-icon Vulnrichment

Updated: 2024-08-15T13:36:42.778Z

cve-icon NVD

Status : Modified

Published: 2024-08-14T17:15:16.270

Modified: 2025-10-02T21:15:59.857

Link: CVE-2024-42434

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.