Medium
CVSS 6.8
Overview
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.
CVE-2024-39826
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows ma...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 6.8 (MEDIUM)
- Detected tags: info_leak, path (tag impact: MODERATE)
Recommended actions:
- Reduce verbose errors, remove debug endpoints, minimize PII in logs.
- Canonicalize path; block `..` traversal; use allowlists.