漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
BigBlueButton contains Improper Preservation of Permissions for whiteboard
Vulnerability Description
BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-1
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
权限预留不恰当
Vulnerability Title
BigBlueButton 安全漏洞
Vulnerability Description
BigBlueButton是BigBlueButton社区的一套开源的Web会议系统。 BigBlueButton 2.4.3之前版本存在安全漏洞,该漏洞源于包含用于处理延迟消息的白板宽限期,攻击者利用该漏洞可以利用该宽限期在其访问权被撤销后的几秒钟内采取行动。
CVSS Information
N/A
Vulnerability Type
N/A