Lucene search
HistoryJun 18, 2024 - 8:15 p.m.
CVE-2024-38273
capability checks
bigbluebutton
join urls
permission access
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
CNA Affected
[
{
"vendor": "Moodle",
"product": "Moodle",
"versions": [
{
"status": "affected",
"version": "4.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.3",
"lessThanOrEqual": "4.3.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.2",
"lessThanOrEqual": "4.2.7",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.1",
"lessThanOrEqual": "4.1.10",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
vulnrichment
vulnrichment
veracode
veracode
Unauthorized Access
2024-06-19 04:01:53
osv
osv
Moodle BigBlueButton web service leaks meeting joining information
2024-06-18 21:30:36
ubuntucve
ubuntucve
CVE-2024-38273
2024-06-18 00:00:00
nvd
nvd
CVE-2024-38273
2024-06-18 20:15:13
github
github
Moodle BigBlueButton web service leaks meeting joining information
2024-06-18 21:30:36
cvelist
cvelist
nessus
nessus
Fedora 39 : moodle (2024-9df8ef935b)
2024-06-27 00:00:00
Fedora 40 : moodle (2024-020937763e)
2024-06-27 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: moodle-4.3.5-1.fc40
2024-06-27 02:04:09
[SECURITY] Fedora 39 Update: moodle-4.3.5-1.fc39
2024-06-27 01:43:43
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2024-020937763e)
2024-06-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2024-9df8ef935b)
2024-06-27 00:00:00