Unrated severityNVD Advisory· Published May 18, 2022· Updated Sep 17, 2024
Insufficient hostname validation during Clusterswitch message in Zoom Client for Meetings
CVE-2022-22787
Description
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a malicious server when attempting to use Zoom services.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.10.0
- Range: unspecified
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.htmlmitrex_refsource_MISC
- explore.zoom.us/en/trust/security/security-bulletinmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.