CVE-2020-29042

Sažetak

An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.

Reference

http://packetstormsecurity.com/files/160238/BigBlueButton-2.2.29-Brute-Force.html
https://cxsecurity.com/issue/WLB-2020110210
https://github.com/bigbluebutton/bigbluebutton/releases

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

29-11-2020 - 23:48

Objavljeno

26-11-2020 - 18:15