Vulnerabilities > CVE-2020-27603 - Unspecified vulnerability in Bigbluebutton

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

NVD

Published: 2020-10-21

Updated: 2020-10-29

Summary

BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files.

Part	Description	Count
Application	Bigbluebutton Bigbluebutton Bigbluebutton - Bigbluebutton Bigbluebutton 0.7 Bigbluebutton Bigbluebutton 0.8 Bigbluebutton Bigbluebutton 0.9.0 Bigbluebutton Bigbluebutton 0.9.1 Bigbluebutton Bigbluebutton 0.9.2 Bigbluebutton Bigbluebutton 0.71 Bigbluebutton Bigbluebutton 0.81 Bigbluebutton Bigbluebutton 1.0.0 Bigbluebutton Bigbluebutton 1.1.0 Bigbluebutton Bigbluebutton 2.0 Bigbluebutton Bigbluebutton 2.2.0 Bigbluebutton Bigbluebutton 2.2.1 Bigbluebutton Bigbluebutton 2.2.2 Bigbluebutton Bigbluebutton 2.2.3 Bigbluebutton Bigbluebutton 2.2.4 Bigbluebutton Bigbluebutton 2.2.5 Bigbluebutton Bigbluebutton 2.2.6 Bigbluebutton Bigbluebutton 2.2.7 Bigbluebutton Bigbluebutton 2.2.8 Bigbluebutton Bigbluebutton 2.2.9 Bigbluebutton Bigbluebutton 2.2.10 Bigbluebutton Bigbluebutton 2.2.11 Bigbluebutton Bigbluebutton 2.2.12 Bigbluebutton Bigbluebutton 2.2.14 Bigbluebutton Bigbluebutton 2.2.15 Bigbluebutton Bigbluebutton 2.2.16 Bigbluebutton Bigbluebutton 2.2.17 Bigbluebutton Bigbluebutton 2.2.18 Bigbluebutton Bigbluebutton 2.2.19 Bigbluebutton Bigbluebutton 2.2.20 Bigbluebutton Bigbluebutton 2.2.21 Bigbluebutton Bigbluebutton 2.2.22 Bigbluebutton Bigbluebutton 2.2.23 Bigbluebutton Bigbluebutton 2.2.24 Bigbluebutton Bigbluebutton 2.2.25 Bigbluebutton Bigbluebutton 2.2.26	82