CVE-2023-4807 | Community
Skip to main content
P
Newcomer
patelra
Newcomer
November 10, 2023
Question

CVE-2023-4807

  • November 10, 2023
  • 2 replies
  • 3 views

Hello, 

 

I just had an external partner reach out to me to inform us they are removing Zoom from their environment due to OpenSLL 3.1.1 being a High-Risk vulnerability (CVE-2023-4807). I see in the security bulletin that Zoom moved from OpenSSL 1.1.1 in October for this very reason but now 3.1.1 which is the current is vulnerable, but I am unable to find anything on Zoom forums about this being known or worked on. Is this something that is urgently being patched?

    2 replies

    U
    Newcomer
    user16
    Newcomer
    November 10, 2023

    some kind of update or progress on this would be very helpful. i'm at the point where i'm starting to push leadership to think about removing this from our own environment for the same reason.

      D
      Newcomer
      damookman47
      Newcomer
      November 16, 2023

      Same here - If Zoom does not address this issue, we will be moving to another solution. Our licenses are up at the beginning of February, 2024. The clock is ticking!!!

        Terms & ConditionsAccessibility statement
        Copyright © Zoom Communications, Inc. All rights reserved.