CVE-2022-28760 : What You Need to Know
Get insights into the CVE-2022-28760 vulnerability impacting Zoom On-Premise Meeting Connector MMR. Learn about the impact, affected versions, and mitigation steps.
A detailed overview of the CVE-2022-28760 vulnerability affecting Zoom On-Premise Meeting Connector MMR.
Understanding CVE-2022-28760
This CVE refers to an improper access control vulnerability found in Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130.
What is CVE-2022-28760?
The vulnerability allows a malicious actor to access the audio and video feed of a meeting they are not authorized to join, potentially causing disruptions.
The Impact of CVE-2022-28760
The impact of this vulnerability is rated as medium severity, with a CVSS base score of 6.5. It poses a high confidentiality risk, while integrity and availability are not impacted.
Technical Details of CVE-2022-28760
This section provides insights into the vulnerability description, affected systems, and the exploitation mechanism.
Vulnerability Description
The vulnerability arises due to improper access control in Zoom On-Premise Meeting Connector MMR.
Affected Systems and Versions
The vulnerability affects Zoom On-Premise Meeting Connector MMR versions less than 4.8.20220815.130.
Exploitation Mechanism
A malicious actor can exploit this vulnerability to access unauthorized meeting audio and video feeds.
Mitigation and Prevention
Learn about the steps to mitigate and prevent exploitation of CVE-2022-28760.
Immediate Steps to Take
Organizations should update Zoom On-Premise Meeting Connector MMR to version 4.8.20220815.130 or later to address this vulnerability.
Long-Term Security Practices
Implement robust access controls, user authentication mechanisms, and regular security updates to enhance overall security posture.
Patching and Updates
Regularly monitor for security advisories and apply patches promptly to safeguard against known vulnerabilities.