Lucene search
FedoraVULNRICHMENT:CVE-2024-38273HistoryJun 18, 2024 - 7:49 p.m.
CVE-2024-38273 moodle: BigBlueButton web service leaks meeting joining information to users who should not have access
2024-06-1819:49:02
CWE-284
fedora
github.com
cve-2024
moodle
bigbluebutton
web service
security
vulnerability
capability checks
access
permission
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
CNA Affected
[
{
"vendor": "Moodle",
"product": "Moodle",
"versions": [
{
"status": "affected",
"version": "4.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.3",
"versionType": "semver",
"lessThanOrEqual": "4.3.4"
},
{
"status": "affected",
"version": "4.2",
"versionType": "semver",
"lessThanOrEqual": "4.2.7"
},
{
"status": "affected",
"version": "4.1",
"versionType": "semver",
"lessThanOrEqual": "4.1.10"
}
],
"defaultStatus": "unaffected"
}
]Related
veracode
veracode
Unauthorized Access
2024-06-19 04:01:53
nvd
nvd
CVE-2024-38273
2024-06-18 20:15:13
ubuntucve
ubuntucve
CVE-2024-38273
2024-06-18 00:00:00
cve
cve
CVE-2024-38273
2024-06-18 20:15:13
osv
osv
Moodle BigBlueButton web service leaks meeting joining information
2024-06-18 21:30:36
cvelist
cvelist
github
github
Moodle BigBlueButton web service leaks meeting joining information
2024-06-18 21:30:36
openvas
openvas
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.7%
Related for VULNRICHMENT:CVE-2024-38273