PT-2020-12213 · Janus · Janus

Published

2020-03-14

Updated

2020-03-18

CVE-2020-10573

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Janus versions through 0.9.1

Description An issue was discovered in the janus audiobridge.c file, specifically when listing private rooms in AudioBridge, which results in a double mutex unlock.

Recommendations For versions through 0.9.1, consider restricting access to the AudioBridge functionality until a patch is available. As a temporary workaround, consider disabling the listing of private rooms in AudioBridge to minimize the risk of exploitation.

Fix

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

CVE-2020-10573

Affected Products

Janus

PT-2020-12213 · Janus · Janus

CVE-2020-10573

Weakness Enumeration

Related Identifiers

Affected Products

References · 9