CVE-2023-42803 - OpenCVE

BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bigbluebutton	Bigbluebutton

Configuration 1 [-]

OR	cpe:2.3:a:bigbluebutton:bigbluebutton::::::::
	cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1::::::
	cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2::::::
	cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3::::::
	cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4::::::
	cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:beta1::::::

No data.

References

Link	Providers
https://github.com/bigbluebutton/bigbluebutton/pull/15990
https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-30T18:11:35.630Z

Updated: 2024-09-06T20:12:00.883Z

Reserved: 2023-09-14T16:13:33.306Z

Link: CVE-2023-42803

Vulnrichment

Updated: 2024-08-02T19:30:24.327Z

NVD

Status : Analyzed

Published: 2023-10-30T19:15:07.963

Modified: 2023-11-07T23:25:21.980

Link: CVE-2023-42803

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-42803", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-09-14T16:13:33.306Z", "datePublished": "2023-10-30T18:11:35.630Z", "dateUpdated": "2024-09-06T20:12:00.883Z"}, "containers": {"cna": {"title": "BigBlueButton Unrestricted File Upload vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "lang": "en", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"}, {"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "tags": ["x_refsource_MISC"], "url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"}], "affected": [{"vendor": "bigbluebutton", "product": "bigbluebutton", "versions": [{"version": "< 2.6.0-beta.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-30T18:11:35.630Z"}, "descriptions": [{"lang": "en", "value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds."}], "source": {"advisory": "GHSA-w98f-6x8w-xhjc", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:30:24.327Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"}, {"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-06T20:11:37.351065Z", "id": "CVE-2023-42803", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-06T20:12:00.883Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:30:24.327Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-42803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-06T20:11:37.351065Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-06T20:11:52.302Z"}}], "cna": {"title": "BigBlueButton Unrestricted File Upload vulnerability", "source": {"advisory": "GHSA-w98f-6x8w-xhjc", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "bigbluebutton", "product": "bigbluebutton", "versions": [{"status": "affected", "version": "< 2.6.0-beta.2"}]}], "references": [{"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-30T18:11:35.630Z"}}}, "cveMetadata": {"cveId": "CVE-2023-42803", "state": "PUBLISHED", "dateUpdated": "2024-09-06T20:12:00.883Z", "dateReserved": "2023-09-14T16:13:33.306Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-10-30T18:11:35.630Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F3F6566-B94F-4CBC-B1BA-DACA51865D76", "versionEndIncluding": "2.5.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "83C1F894-31BC-4C2D-AD62-837D990257CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "84EE596E-A3F6-4B29-B51D-CAE19A74D5E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "A8DD6CB9-0B7E-4C4E-BDC6-D8FD1B85882D", "vulnerable": true}, {"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "1BA4033B-60B8-4674-98CA-F5794B905362", "vulnerable": true}, {"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "66F6441F-A11A-424B-BB9C-1CFF5F95B02E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds."}, {"lang": "es", "value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. BigBlueButton anterior a la versi\u00f3n 2.6.0-beta.2 es vulnerable a la carga de archivos sin restricciones, donde la llamada a la API insertDocument no valida la extensi\u00f3n de archivo dada antes de guardar el archivo y no la elimina en caso de fallas de validaci\u00f3n. BigBlueButton 2.6.0-beta.2 contiene un parche. No se conocen workarounds."}], "id": "CVE-2023-42803", "lastModified": "2023-11-07T23:25:21.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-30T19:15:07.963", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security-advisories@github.com", "type": "Primary"}]}