How severe is CVE-2023-43585?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Zoom Video Communications, Inc. Mobile App For Ios And Sdks

CVE-2023-43585

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

EPSS: 0.001 (31.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L.

Affected products

Zoom Video Communications, Inc. Mobile App For Ios And Sdks — versions before 5.16.0

Weakness classification (CWE)

CWE-449

References

www.zoom.com/en/trust/security-bulletin/ZSB-23058/

Frequently asked questions

What is CVE-2023-43585?: CVE-2023-43585 is a high-severity vulnerability in Zoom Video Communications, Inc. Mobile App For Ios And Sdks, classified under CWE-449. CVSS score: 7.1/10. Published 2023-12-13.
How severe is CVE-2023-43585?: High severity. CVSS v3 base score is 7.1 out of 10.