Kusagadzikana (CVE-2023-28936) kwakagadziriswa muApache OpenMeetings web conferencing server, iyo inobvumira kuwanikwa kwekurekodha nemakamuri ekutaura. Dambudziko rakapihwa mwero wakakomba wengozi. Kusagadzikana kunokonzerwa nekusimbisa kusiriyo kwehashi inoshandiswa kubatanidza vatori vechikamu vatsva. Iyo bug yanga iripo kubva pakaburitswa 2.0.0 uye yakagadziriswa muApache OpenMeetings 7.1.0 update yakaburitswa mazuva mashoma apfuura.
Pamusoro pezvo, kusakwana kuviri kwengozi kwakagadziriswa muApache OpenMeetings 7.1.0:
- CVE-2023-29032 - Kugona kunzvenga chokwadi. Anorwisa anoziva rumwe ruzivo rwakadzama nezvemushandisi anogona kutevedzera mumwe mushandisi.
- CVE-2023-29246 - Null substitution inogona kushandiswa kuita kodhi pane server kana iyo OpenMeetings administrator account ikawana.
Source: opennet.ru