The UI Performs the Wrong Action

CVE-2023-43585

High

7.1/10

Summary

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: LOW

CWE-449 - The UI Performs the Wrong Action

The UI performs the wrong action with respect to the user's request.

References

Advisory Timeline

Published Dec 13, 2023

The UI Performs the Wrong Action

CVE-2023-43585

Summary

CWE-449 - The UI Performs the Wrong Action

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS