What is CVE-2022-28761?

CVE-2022-28761 is a vulnerability in Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 that allows a malicious actor to disrupt meetings by preventing participants from receiving audio and video.

How severe is CVE-2022-28761?

CVE-2022-28761 has a severity score of 6.5, which indicates a medium severity level.

How does CVE-2022-28761 affect Zoom On-Premise Meeting Connector MMR?

CVE-2022-28761 allows a malicious actor in a meeting or webinar with authorized access to disrupt audio and video for participants, causing meeting disruptions.

What is the fix for CVE-2022-28761?

To fix CVE-2022-28761, users should update to version 4.8.20220916.131 or later of Zoom On-Premise Meeting Connector MMR.

Where can I find more information about CVE-2022-28761?

More information about CVE-2022-28761 can be found in the security bulletin on the Zoom website: https://explore.zoom.us/en/trust/security/security-bulletin/

Vulnerability/
CVE-2022-28761

medium

6.5

CWE

284

14/10/2022

17/9/2024

CVE-2022-28761: Zoom On-Premise Deployments: Improper Access Control

First published: Fri Oct 14 2022(Updated: )

Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions.

Credit: security@zoom.us

Affected Software	Affected Version	How to fix
Zoom Zoom On-premise Meeting Connector Mmr	<4.8.20220916.131

Never miss a vulnerability like this again

Reference Links

https://explore.zoom.us/en/trust/security/security-bulletin/

Frequently Asked Questions

What is CVE-2022-28761?
CVE-2022-28761 is a vulnerability in Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 that allows a malicious actor to disrupt meetings by preventing participants from receiving audio and video.
How severe is CVE-2022-28761?
CVE-2022-28761 has a severity score of 6.5, which indicates a medium severity level.
How does CVE-2022-28761 affect Zoom On-Premise Meeting Connector MMR?
CVE-2022-28761 allows a malicious actor in a meeting or webinar with authorized access to disrupt audio and video for participants, causing meeting disruptions.
What is the fix for CVE-2022-28761?
To fix CVE-2022-28761, users should update to version 4.8.20220916.131 or later of Zoom On-Premise Meeting Connector MMR.
Where can I find more information about CVE-2022-28761?
More information about CVE-2022-28761 can be found in the security bulletin on the Zoom website: https://explore.zoom.us/en/trust/security/security-bulletin/

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/title
agent/references
agent/weakness
agent/author
agent/tags
agent/description
agent/event
agent/first-publish-date
vendor/zoom
canonical/zoom zoom on-premise meeting connector mmr

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.