Lucene search
China National Vulnerability DatabaseCNVD-2022-54953HistoryApr 19, 2022 - 12:00 a.m.
Moodle Access Control Error Vulnerability (CNVD-2022-54953)
2022-04-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
22.9%
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. an access control error vulnerability exists in Moodle, which stems from the calendar:manageentries feature allowing managers to access or modify any calendar event. A remote attacker could exploit the vulnerability by connecting to the Web-based management interface and requesting URLs to retrieve sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle Moodle | le | 3.8.9 | |
| moodle Moodle >=3.9.0, | lt | 3.9.12 | |
| moodle Moodle >=3.10.0, | lt | 3.10.9 | |
| moodle Moodle >=3.11.0, | lt | 3.11.5 |
Related
prion
prion
Design/Logic Flaw
2022-01-25 20:15:00
osv
osv
Insufficient user authorization in Moodle
2022-01-28 22:08:02
BIT-moodle-2022-0333
2024-03-06 11:06:04
CVE-2022-0333
2022-01-25 20:15:08
cvelist
cvelist
CVE-2022-0333
2022-01-25 19:11:11
nvd
nvd
CVE-2022-0333
2022-01-25 20:15:08
github
github
Insufficient user authorization in Moodle
2022-01-28 22:08:02
cve
cve
CVE-2022-0333
2022-01-25 20:15:08
ubuntucve
ubuntucve
CVE-2022-0333
2022-01-25 00:00:00
veracode
veracode
Access Restriction Bypass
2022-01-26 07:38:13
openvas
openvas
Moodle < 3.9.12, 3.10.x < 3.10.9, 3.11.x < 3.11.5 Multiple Vulnerabilities
2022-01-26 00:00:00
nessus
nessus
Moodle 3.11.x < 3.11.5 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.9 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.12 Multiple Vulnerabilities
2023-02-20 00:00:00