{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-34121",
        "ASSIGNER": "security@zoom.us",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Improper input validation  in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting  clients before 5.14.0  may allow an authenticated user to potentially enable an escalation of privilege  via network access."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
                        "cweId": "CWE-79"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Zoom Video Communications, Inc.",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Zoom for Windows",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "before 5.14.0"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Zoom Rooms Client for Windows",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "before 5.14.0"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                },
                {
                    "vendor_name": "ZoomZoom Video Communications, Inc.",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Zoom VDI for Windows Meeting Clients",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "before 5.14.0"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
                "refsource": "MISC",
                "name": "https://explore.zoom.us/en/trust/security/security-bulletin/"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
                "version": "3.1"
            }
        ]
    }
}