Vulnerabilities > CVE-2020-29042 - Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton

047910
CVSS 3.7 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
high complexity
bigbluebutton
CWE-307
NVD
Published: 2020-11-26
Updated: 2020-11-29

Summary

An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.

Vulnerable Configurations

Part Description Count
Application
Bigbluebutton
85

Common Weakness Enumeration (CWE)

References