Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigbluebutton bigbluebutton 2.4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-29233
BigBlueButton is an open source web conferencing system. In BigBlueButton starting with 2.2 but prior to 2.3.18 and 2.4-rc-1, an attacker can circumvent access controls to gain access to all breakout rooms of the meeting they are in. The permission checks rely on knowledge of int...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
4.3
CVSSv3
CVE-2022-41961
BigBlueButton is an open source web conferencing system. Versions before 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remainin...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
2.7
CVSSv3
CVE-2022-41962
BigBlueButton is an open source web conferencing system. Versions before 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should on...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
7.5
CVSSv3
CVE-2022-23488
BigBlueButton is an open source web conferencing system. Versions before 2.4-rc-6 are vulnerable to Insertion of Sensitive Information Into Sent Data. The moderators-only webcams lock setting is not enforced on the backend, which allows an malicious user to subscribe to viewers...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
6.5
CVSSv3
CVE-2022-29232
BigBlueButton is an open source web conferencing system. Starting with version 2.2 and prior to versions 2.3.9 and 2.4-beta-1, an attacker can circumvent access controls to obtain the content of public chat messages from different meetings on the server. The attacker must be a pa...
Bigbluebutton Bigbluebutton
Bigbluebutton Bigbluebutton 2.4
5.3
CVSSv3
CVE-2022-29235
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the ...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
4.3
CVSSv3
CVE-2022-29236
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker can circumvent access restrictions for drawing on the whiteboard. The permission check is inadvertently skipped on the server, due to a previous...
Bigbluebutton Bigbluebutton 2.4
Bigbluebutton Bigbluebutton
5.7
CVSSv3
CVE-2022-41964
BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the...
Bigbluebutton Bigbluebutton 2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started