SecuritySpace - CVE-2022-22787

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2022-22787

Description: The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a malicious server when attempting to use Zoom services.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2022-22787
https://explore.zoom.us/en/trust/security/security-bulletin
http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html

CVE ID:	CVE-2022-22787
Description:	The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a malicious server when attempting to use Zoom services.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2022-22787 https://explore.zoom.us/en/trust/security/security-bulletin http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html