CVE-2022-28754
HIGHZoom On-Premise Meeting Connector MMR <4.8.129.20220714 - Privilege...
Title source: llmDescription
Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://explore.zoom.us/en/trust/security/security-bulletin/
Scores
CVSS v3
7.1
EPSS
0.0016
EPSS Percentile
36.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Details
CWE
CWE-284
Status
published
Products (1)
zoom/meeting_connector
< 4.8.129.20220714
Published
Aug 11, 2022
Tracked Since
Feb 18, 2026