virus logo Intrusion Prevention

Zoom.Meeting.Connector.Authenticated.Remote.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Remote Command Injection Vulnerability in Zoom Meeting Connector.
The vulnerability is due to an improper input validation error when handling an crafted HTTP request. A remote, authenticated attacker can exploit the vulnerability by sending crafted requests to a vulnerable application. Successful exploitation can result in remote code execution in the context of the service.

affected-products-logoAffected Products

Zoom Meeting Connector 4.6.239.20200613

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.zoom.us/hc/en-us/articles/201363093-Deploying-the-Meeting-Connector

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-02-22 17.020 Default_action:pass:drop
2021-02-04 17.011

References

49360
ID 49741
Created Jan 27, 2021
Updated Feb 19, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux, MacOS
Affected App Other