CVE-2023-49647

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-266
View all →

Vulnerability Description

Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.

Related Vulnerabilities

CVE-2016-7066

HIGH
CVSS:7.8(High)

It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute...

CWE-2662016

CVE-2017-12711

HIGH
CVSS:7.8(High)

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to e...

CWE-2662017

CVE-2019-19345

HIGH
CVSS:7.8(High)

A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediaw...

CWE-2662019

CVE-2019-19349

HIGH
CVSS:7.8(High)

An insecure modification vulnerability in the /etc/passwd file was found in the container operator-framework/operator-metering as shipped in Red Hat Openshift 4. An attacker with access to the contain...

CWE-2662019

CVE-2019-19350

HIGH
CVSS:7.8(High)

An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container co...

CWE-2662019

CVE-2019-19354

HIGH
CVSS:7.8(High)

An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this fla...

CWE-2662019