Improper Access Control in Pexip Infinity Product by Pexip
CVE-2024-33850

Currently unrated

Key Information:

Vendor: Pexip
Status: Pexip Infinity
Vendor: CVE Published:; 10 June 2024

What is CVE-2024-33850?

Pexip Infinity versions prior to 34.1 are susceptible to an improper access control vulnerability that allows users in a waiting room to view the conference roster. This flaw enables unauthorized actions that should be restricted until users are formally admitted to the meeting, potentially exposing sensitive information and compromising the integrity of the conference setup.

References

https://docs.pexip.com/admin/security_bulletins.htm

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2024

JSON