virus logo FortiClient Vulnerability

Server-Side Request Forgery Vulnerability CVE-2021-34425 for Zoom Client

description-logoDescription

The Zoom Client for Meetings before version 5.7.3 for Windows contain a server side request forgery vulnerability in the chat link preview functionality. In versions prior to 5.7.3, if a user were to enable the chat link preview feature, a malicious actor could trick the user into potentially sending arbitrary HTTP GET requests to URLs that the actor cannot reach directly.

affected-products-logoAffected Applications

Zoom

CVE References

CVE-2021-34425

Other References

https://explore.zoom.us/en/trust/security/security-bulletin/
ID 4249
Created Feb 23, 2022
Description
Updated		 Feb 23, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Zoom
Patch manual
Application Zoom