Lucene search
HistoryApr 29, 2010 - 9:30 p.m.
CVE-2010-1613
cve-2010-1613
moodle
session fixation
security
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the “Regenerate session id during login” setting by default, which makes it easier for remote attackers to conduct session fixation attacks.
Affected configurations
Node
moodlemoodleMatch1.8.1
ORmoodlemoodleMatch1.8.2
ORmoodlemoodleMatch1.8.3
ORmoodlemoodleMatch1.8.4
ORmoodlemoodleMatch1.8.5
ORmoodlemoodleMatch1.8.6
ORmoodlemoodleMatch1.8.7
ORmoodlemoodleMatch1.8.8
ORmoodlemoodleMatch1.8.9
ORmoodlemoodleMatch1.8.10
ORmoodlemoodleMatch1.8.11
ORmoodlemoodleMatch1.9.1
ORmoodlemoodleMatch1.9.2
ORmoodlemoodleMatch1.9.3
ORmoodlemoodleMatch1.9.4
ORmoodlemoodleMatch1.9.5
ORmoodlemoodleMatch1.9.6
ORmoodlemoodleMatch1.9.7
Related
cvelist
cvelist
CVE-2010-1613
2010-04-29 21:00:00
nvd
nvd
CVE-2010-1613
2010-04-29 21:30:00
ubuntucve
ubuntucve
CVE-2010-1613
2010-04-29 00:00:00
prion
prion
Session fixation
2010-04-29 21:30:00
openvas
openvas
Moodle Session Fixation Vulnerability
2010-05-19 00:00:00
Moodle Session Fixation Vulnerability
2010-05-19 00:00:00
Moodle 1.8.x < 1.8.12, 1.9.x < 1.9.8 Multiple Vulnerabilities
2010-04-12 00:00:00
nessus
nessus
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
Debian DSA-2115-1 : moodle - several vulnerabilities
2010-10-06 00:00:00
debian
debian
[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities
2010-09-29 21:04:56
[SECURITY] [DSA-2115-2] New moodle packages fix several vulnerabilities
2010-10-11 05:18:06
osv
osv
moodle - several vulnerabilities
2010-09-29 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Related for CVE-2010-1613