Greenlight is a simple front-end interface for your BigBlueButton server. In affected versions an attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings. This issue has been patched in release version 2.12.6.
References
Link | Resource |
---|---|
https://github.com/bigbluebutton/greenlight/pull/3508 | Patch Third Party Advisory |
https://github.com/bigbluebutton/greenlight/security/advisories/GHSA-phh8-3v6v-7498 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-06-27T19:25:12
Updated: 2022-06-27T19:25:12
Reserved: 2022-05-18T00:00:00
Link: CVE-2022-31039
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-27T20:15:08.467
Modified: 2022-07-07T17:33:08.560
Link: CVE-2022-31039
JSON object: View
Redhat Information
No data.