Vulnerabilities > CVE-2020-29042 - Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton

047910
CVSS 3.7 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
high complexity
bigbluebutton
CWE-307

Summary

An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.