Answer Question
version update/hotfix for the 3 vulnerabilities disclosed by Google Security researchers in July 2024?
Hello support team,
On 24th July 2024, Google Security researcher disclosed 3 vulnerabilities affecting Turbomeeting versions 8.x and below;
1) CVE-2024-38289 [9.8,Critical] - NVD - CVE-2024-38289 - TurboMeeting: Boolean-based SQL Injection · Advisory · google/security-research · GitHub
2) CVE-2024-38287 [9.8,Critical] - NVD - CVE-2024-38287 - TurboMeeting: Insecure Password Reset Mechanism · Advisory · google/security-research · GitHub
3) CVE-2024-38288 [7.2,High] - NVD - CVE-2024-38288 - TurboMeeting: Post-Authentication Command Injection · Advisory · google/security-research · GitHub
We were wondering if there was any security fix or version update in process to mitigate these vulnerabilities.
Thanks,
Ashley M
On 24th July 2024, Google Security researcher disclosed 3 vulnerabilities affecting Turbomeeting versions 8.x and below;
1) CVE-2024-38289 [9.8,Critical] - NVD - CVE-2024-38289 - TurboMeeting: Boolean-based SQL Injection · Advisory · google/security-research · GitHub
2) CVE-2024-38287 [9.8,Critical] - NVD - CVE-2024-38287 - TurboMeeting: Insecure Password Reset Mechanism · Advisory · google/security-research · GitHub
3) CVE-2024-38288 [7.2,High] - NVD - CVE-2024-38288 - TurboMeeting: Post-Authentication Command Injection · Advisory · google/security-research · GitHub
We were wondering if there was any security fix or version update in process to mitigate these vulnerabilities.
Thanks,
Ashley M
