Vulnerabilities > CVE-2020-29042 - Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
bigbluebutton
CWE-307
NVD
Published: 2020-11-26
Updated: 2020-11-29

Summary

An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.

Vulnerable Configurations

Part Description Count
Application
Bigbluebutton
82

Common Weakness Enumeration (CWE)

References