Lucene search

China National Vulnerability DatabaseCNVD-2022-54952

HistoryMay 19, 2022 - 12:00 a.m.

Unspecified vulnerability exists in moodle (CNVD-2022-54952)

2022-05-1900:00:00

China National Vulnerability Database

www.cnvd.org.cn

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. a security vulnerability exists in Moodle, which stems from the description user field failing to hide when set to hidden. No details of the vulnerability are currently available.

CPENameOperatorVersion
Moodle Moodleeq4.0.0
Moodle Moodle >=3.9，lt3.9.14
Moodle Moodle >=3.10，lt3.10.11
Moodle Moodle >=3.11，lt3.11.7

Name	Operator	Version
Moodle Moodle	eq	4.0.0
Moodle Moodle >=3.9，	lt	3.9.14
Moodle Moodle >=3.10，	lt	3.10.11
Moodle Moodle >=3.11，	lt	3.11.7

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for CNVD-2022-54952