Vulnerability Details CVE-2021-33506
jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference moderation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/jitsi/jitsi-meet/compare/5025...5026
- https://github.com/jitsi/jitsi-meet/pull/9252/files
- https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2021-0001.md
- https://github.com/jitsi/jitsi-meet/compare/5025...5026
- https://github.com/jitsi/jitsi-meet/pull/9252/files
- https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2021-0001.md
Products affected by CVE-2021-33506
-
cpe:2.3:a:8x8:jitsi_meet:-