CVE-2024-45420— Zoom Apps - Uncontrolled Resource Consumption

CVSS 4.3 · Medium EPSS 0.20% · P42 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-45420

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Zoom Apps - Uncontrolled Resource Consumption

Source: NVD (National Vulnerability Database)

Vulnerability Description

Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

未加控制的资源消耗(资源穷尽)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Zoom多款产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Zoom Rooms等都是美国Zoom公司的产品。Zoom Rooms是一个基于软件的会议系统。Zoom Workplace是一个桌面应用软件。Zoom Video SDK是一个视频开发工具包。 Zoom多款产品存在安全漏洞，该漏洞源于不受控制的资源消耗，可能会允许经过身份验证的用户通过网络访问进行拒绝服务。以下产品受到影响：Zoom Workplace App、Rooms、Video SDK和Meeting SDK。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Zoom Communications Inc.	Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers	see references	-

II. Public POCs for CVE-2024-45420

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-45420

请登录查看更多情报信息。

Same Patch Batch · Zoom Communications Inc. · 2024-11-19 · 3 CVEs total

CVE-2024-45419	8.1 HIGH	Zoom Apps - Improper Input Validation
CVE-2024-45422	6.5 MEDIUM	Zoom Apps - Improper Input Validation

IV. Related Vulnerabilities

Same product: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers

Same vendor: Zoom Communications Inc.

Same weakness: CWE-400

V. Comments for CVE-2024-45420

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-45420— Zoom Apps - Uncontrolled Resource Consumption

I. Basic Information for CVE-2024-45420

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-45420

III. Intelligence Information for CVE-2024-45420

Same Patch Batch · Zoom Communications Inc. · 2024-11-19 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-45420

Leave a comment