First published: Thu Aug 11 2022(Updated: )
Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions.
Credit: security@zoom.us
Affected Software | Affected Version | How to fix |
---|---|---|
Zoom Meeting Connector | <4.8.129.20220714 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-28753 is classified as a medium severity vulnerability due to improper access control affecting the Zoom On-Premise Meeting Connector.
To fix CVE-2022-28753, update your Zoom On-Premise Meeting Connector to version 4.8.129.20220714 or later.
CVE-2022-28753 allows an attacker to join a meeting without appearing to other participants, compromising meeting security.
Versions of Zoom Meeting Connector prior to 4.8.129.20220714 are affected by CVE-2022-28753.
There are no known workarounds for CVE-2022-28753 other than upgrading to the latest version.