Vulnerability in Zoom Zoom_plugin_for_microsoft_outlook
CVE-2021-34413
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own m…
Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)
EPSS: 0.006 (42.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Zoom Zoom_plugin_for_microsoft_outlook
- N/a Zoom Plugin For Microsoft Outlook Macos — versions All versions before 5.3.52553.0918
Weakness classification (CWE)
References
- security@zoom.us (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-34413?
- CVE-2021-34413 is a high-severity vulnerability in Zoom Zoom_plugin_for_microsoft_outlook, classified under Time-of-check Time-of-use (TOCTOU) Race Condition. CVSS score: 7.5/10. Published 2021-09-27.
- How severe is CVE-2021-34413?
- High severity. CVSS v3 base score is 7.5 out of 10.