What is the severity of CVE-2023-39199?

The severity of CVE-2023-39199 is medium with a severity value of 6.5.

Which Zoom clients are affected by CVE-2023-39199?

Zoom Meetings (Android, iPhone OS, Linux, macOS, Windows), Zoom Rooms (Android, iPad OS, macOS, Windows), Zoom Virtual Desktop Infrastructure, Zoom Zoom (Android, iPhone OS, Linux, macOS, Windows).

What is the vulnerability description of CVE-2023-39199?

The vulnerability in CVE-2023-39199 is due to cryptographic issues in the In-Meeting Chat feature of some Zoom clients, which may allow a privileged user to conduct an information disclosure via network access.

How can I fix CVE-2023-39199?

To fix CVE-2023-39199, it is recommended to update Zoom Meetings, Zoom Rooms, and Zoom Virtual Desktop Infrastructure to version 5.16.0 or above.

Where can I find more information about CVE-2023-39199?

You can find more information about CVE-2023-39199 in the Zoom security bulletin available at https://explore.zoom.us/en/trust/security/security-bulletin/

Vulnerability/
CVE-2023-39199

medium

6.5

CWE

310

14/11/2023

21/11/2023

CVE-2023-39199

First published: Tue Nov 14 2023(Updated: )

Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.

Credit: security@zoom.us

Affected Software	Affected Version	How to fix
Zoom Meetings	<5.16.0
Zoom Meetings	<5.16.0
Zoom Meetings	<5.16.0
Zoom Meetings	<5.16.0
Zoom Meetings	<5.16.0
Zoom Rooms	<5.16.0
Zoom Rooms	<5.16.0
Zoom Rooms	<5.16.0
Zoom Rooms	<5.16.0
Zoom Virtual Desktop Infrastructure	<5.14.13
Zoom Virtual Desktop Infrastructure	>=5.15.0<5.15.11
Zoom Zoom	<5.16.0
Zoom Zoom	<5.16.0
Zoom Zoom	<5.16.0
Zoom Zoom	<5.16.0
Zoom Zoom	<5.16.0

Never miss a vulnerability like this again

Reference Links

https://explore.zoom.us/en/trust/security/security-bulletin/

Frequently Asked Questions

What is the severity of CVE-2023-39199?
The severity of CVE-2023-39199 is medium with a severity value of 6.5.
Which Zoom clients are affected by CVE-2023-39199?
Zoom Meetings (Android, iPhone OS, Linux, macOS, Windows), Zoom Rooms (Android, iPad OS, macOS, Windows), Zoom Virtual Desktop Infrastructure, Zoom Zoom (Android, iPhone OS, Linux, macOS, Windows).
What is the vulnerability description of CVE-2023-39199?
The vulnerability in CVE-2023-39199 is due to cryptographic issues in the In-Meeting Chat feature of some Zoom clients, which may allow a privileged user to conduct an information disclosure via network access.
How can I fix CVE-2023-39199?
To fix CVE-2023-39199, it is recommended to update Zoom Meetings, Zoom Rooms, and Zoom Virtual Desktop Infrastructure to version 5.16.0 or above.
Where can I find more information about CVE-2023-39199?
You can find more information about CVE-2023-39199 in the Zoom security bulletin available at https://explore.zoom.us/en/trust/security/security-bulletin/

collector/mitre-cve
collector/nvd-api
agent/weakness
agent/type
vendor/zoom
canonical/zoom meetings
canonical/zoom rooms
canonical/zoom virtual desktop infrastructure
version/zoom virtual desktop infrastructure/5.15.0
canonical/zoom zoom

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.