Vulnerabilities in Zoom On-Premise Meeting Connector
September 26, 2022
Alert Severity: High and Medium
Issue Date: 2022-09-13
CVE(s):
CVE-2022-28758 – High
CVE-2022-28759 – High
CVE-2022-28760 – Medium
CVSS Score: 8.2
Impacted Products and Versions: Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130
Description:
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions.
Mitigation:
Update the software as per recommendation by Zoom
https://support.zoom.us/hc/en-us/articles/360043960031
Zero-Day Vulnerability found in WPGateway Plugin for WordPress
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability -CVE-2022-38012
