A vulnerability was found in BigBlueButton up to 2.6.17/2.7.7/3.0.0-alpha6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0. The manipulation leads to improper privilege management.
This vulnerability is known as CVE-2024-39302. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.