CVE-2022-22787

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a malicious server when attempting to use Zoom services.
Configurations

Configuration 1

cpe:2.3:a:zoom:meetings:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:meetings:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:meetings:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:meetings:*:*:*:*:*:iphone_os:*:*

Information

Published : 2022-05-18 05:15

Updated : 2022-05-27 03:19


NVD link : CVE-2022-22787

Mitre link : CVE-2022-22787

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation