Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2012-AVI-163
Vulnerability from certfr_avis - Published: 2012-03-22 - Updated: 2012-03-22
De multiples vulnérabilités dans Moodle permettent de contourner la politique de sécurité et d'accéder à des informations théoriquement protégées.
Description
De multiples vulnérabilités ont été corrigées dans Moodle. Leur exploitation, qui nécessite parfois des droits particuliers, permet de contourner certains mécanismes de sécurité et d'accéder à des informations protégées.
Solution
Mettre Moodle à jour en version 1.9.17, 2.0.8, 2.1.5 ou 2.2.2.
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Moodle versions 2.2 \u00e0 2.2.1+ ;",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions 2.0 \u00e0 2.0.7+ ;",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions 1.9 \u00e0 1.9.16+.",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions 2.1 \u00e0 2.1.4+ ;",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Moodle. Leur\nexploitation, qui n\u00e9cessite parfois des droits particuliers, permet de\ncontourner certains m\u00e9canismes de s\u00e9curit\u00e9 et d\u0027acc\u00e9der \u00e0 des\ninformations prot\u00e9g\u00e9es.\n\n## Solution\n\nMettre Moodle \u00e0 jour en version 1.9.17, 2.0.8, 2.1.5 ou 2.2.2.\n",
"cves": [
{
"name": "CVE-2012-1155",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1155"
},
{
"name": "CVE-2012-1156",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1156"
},
{
"name": "CVE-2012-1169",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1169"
},
{
"name": "CVE-2012-1157",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1157"
},
{
"name": "CVE-2012-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1158"
},
{
"name": "CVE-2012-1160",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1160"
},
{
"name": "CVE-2012-1161",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1161"
},
{
"name": "CVE-2012-1168",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1168"
},
{
"name": "CVE-2012-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1170"
}
],
"initial_release_date": "2012-03-22T00:00:00",
"last_revision_date": "2012-03-22T00:00:00",
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Moodle MSA-12-0013 \u00e0 MSA-12-0023 du 19 mars 2012 :",
"url": "http://moodle.org/mod/forum/view.php?f=996\u0026showall=1"
}
],
"reference": "CERTA-2012-AVI-163",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-03-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eMoodle\u003c/span\u003e\npermettent de contourner la politique de s\u00e9curit\u00e9 et d\u0027acc\u00e9der \u00e0 des\ninformations th\u00e9oriquement prot\u00e9g\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Moodle du 19 mars 2012",
"url": null
}
]
}
CVE-2012-1155 (GCVE-0-2012-1155)
Vulnerability from cvelistv5 – Published: 2019-11-14 15:48 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1155 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198621 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198621"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2.x"
},
{
"status": "affected",
"version": "2.1.x"
},
{
"status": "affected",
"version": "2.0.x"
},
{
"status": "affected",
"version": "1.9.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T15:48:08.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198621"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1155",
"datePublished": "2019-11-14T15:48:08.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1156 (GCVE-0-2012-1156)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:01 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has users' private files included in course backups
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1156 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198623 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1156"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1156"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
},
{
"status": "affected",
"version": "2.0 to 2.0.7+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has users\u0027 private files included in course backups"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:01:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1156"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1156"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198623"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1156",
"datePublished": "2019-11-14T16:01:05.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1157 (GCVE-0-2012-1157)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:05 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1157 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198624 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1157"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1157"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
},
{
"status": "affected",
"version": "2.0 to 2.0.7+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:05:42.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1157"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1157"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198624"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1157",
"datePublished": "2019-11-14T16:05:42.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1158 (GCVE-0-2012-1158)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:09 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1158 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198627 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1158"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1158"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1158"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198627"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:09:56.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1158"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1158"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1158"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198627"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1158",
"datePublished": "2019-11-14T16:09:56.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1160 (GCVE-0-2012-1160)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:21 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1160 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198629 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1160"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1160"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1160"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198629"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:21:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1160"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1160"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1160"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198629"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1160",
"datePublished": "2019-11-14T16:21:05.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1161 (GCVE-0-2012-1161)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:34 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1161 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198630 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:34:04.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198630"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1161",
"datePublished": "2019-11-14T16:34:04.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1168 (GCVE-0-2012-1168)
Vulnerability from cvelistv5 – Published: 2019-11-14 15:56 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1168 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198622 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198622"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
},
{
"status": "affected",
"version": "2.0 to 2.0.7+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T15:56:53.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198622"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1168",
"datePublished": "2019-11-14T15:56:53.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1169 (GCVE-0-2012-1169)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:26 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
Severity
No CVSS data available.
CWE
- UNKNOWN_TYPE
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1169 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198625 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:35.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1169"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198625"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
},
{
"status": "affected",
"version": "2.1 to 2.1.4+"
},
{
"status": "affected",
"version": "2.0 to 2.0.7+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UNKNOWN_TYPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:26:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1169"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198625"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1169",
"datePublished": "2019-11-14T16:26:14.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:35.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1170 (GCVE-0-2012-1170)
Vulnerability from cvelistv5 – Published: 2019-11-14 16:29 – Updated: 2024-08-06 18:53
VLAI
EPSS
Summary
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
Severity
No CVSS data available.
CWE
- multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.17
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2012-1170 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | x_refsource_MISC |
| https://moodle.org/mod/forum/discuss.php?d=198632 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moodle",
"vendor": "Moodle",
"versions": [
{
"status": "affected",
"version": "2.2 to 2.2.1+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.17",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:29:28.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=198632"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1170",
"datePublished": "2019-11-14T16:29:28.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:36.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…