CVE-2021-34415

HIGH

7.5

CVSS Severity Score

EPSS Score0.0930%

EPSS Percentile9.48th

PublishedSep 27, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash.

Affected Platforms (CPE)

📦

Zoom

Meeting Connector

< 4.6.358.20210205

References & Advisories

🔗 https://explore.zoom.us/en/trust/security/security-bulletin/

Related Vulnerabilities

CVE-2021-344169.8

The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, ...

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...

CVE-2021-344177.9

The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoo...

CVE-2021-344247.5

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4,...