CVE-2020-27613

The installation procedure in BigBlueButton before 2.2.17 uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access.

Date published : 2020-10-21

https://github.com/bigbluebutton/bigbluebutton/commit/fa730b726aa1e0f4601f428ee29830007eea0080

https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.16…v2.2.17