Rewterz Threat Advisory – CVE-2021-23055 – F5 NGINX Ingress Controller
November 11, 2021Rewterz Threat Advisory – CVE-2021-22101 – VMware Tanzu Application Service
November 11, 2021Rewterz Threat Advisory – CVE-2021-23055 – F5 NGINX Ingress Controller
November 11, 2021Rewterz Threat Advisory – CVE-2021-22101 – VMware Tanzu Application Service
November 11, 2021Severity
Medium
Analysis Summary
CVE-2021-34422
Zoom Keybase Client for Windows could allow a remote attacker to traverse directories on the system, caused by improper validation of a file uploaded to a team folder. An attacker could use a specially-crafted file name containing “dot dot” sequences (/../) to execute arbitrary code on the system.
CVE-2021-34421
Zoom Keybase Client for iOS and Android could allow a remote attacker to obtain sensitive information, caused by not properly remove exploded messages initiated by a user. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2021-34420
Zoom Client for Meetings for Windows could allow a remote attacker to bypass security restrictions, caused by improper validating the signature of files with .msi, .ps1, and .bat extensions. By persuading to open specially-crafted content, an attacker could exploit this vulnerability to install malicious software on a victim’s computer.
CVE-2021-34419
Zoom Client for Meetings for Ubuntu Linux is vulnerable to HTML injection. A remote attacker could inject malicious HTML code when sending a remote control request, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site.
CVE-2021-34418
Zoom On-Premise products are vulnerable to a denial of service, caused by improper validating a NULL byte during authentication in the login service of the web console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the login service to crash.
CVE-2021-34417
Zoom On-Premise products could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation by the network proxy password in the network proxy page on the web portal. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary commands with rot privileges.
Impact
- Remote Code Execution
- Information Disclosure
- Security Bypass
- Denial of Service
Affected Vendors
Zoom
Affected Products
- Zoom Keybase Client for Windows 5.6.0
- Zoom Keybase Client for Android 5.7.0
- Zoom Keybase Client for iOS 5.7.0
- Zoom Zoom Client for Meetings for Windows 5.5
- Zoom Zoom Client for Meetings for Ubuntu Linux 5.0
- Zoom On-Premise Meeting Connector Controller 4.6.239
- Zoom On-Premise Meeting Connector MMR 4.6.239
- Zoom On-Premise Recording Connector 3.8.42
- Zoom On-Premise Virtual Room Connector 4.4.6344
- Zoom On-Premise Virtual Room Connector Load Balancer 2.5.5492
- Zoom On-Premise Meeting Connector Controller 4.6.365 Zoom On-Premise Meeting Connector MMR 4.6.365
- Zoom On-Premise Recording Connector 3.8.45
- Zoom On-Premise Virtual Room Connector 4.4.6868
- Zoom On-Premise Virtual Room Connector Load Balancer 2.5.5496
Remediation
Refer to Zoom Security Advisory for patch, upgrade, or suggested workaround information.
CVE-2021-34422
CVE-2021-34421
CVE-2021-34420
CVE-2021-34419
CVE-2021-34418
CVE-2021-34417