Lucene search
HistoryApr 29, 2010 - 9:30 p.m.
CVE-2010-1617
moodle
cve-2010-1617
role check bypass
information security
vulnerability
nvd
6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
59.6%
user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
Affected configurations
Node
moodlemoodleMatch1.8.1
ORmoodlemoodleMatch1.8.2
ORmoodlemoodleMatch1.8.3
ORmoodlemoodleMatch1.8.4
ORmoodlemoodleMatch1.8.5
ORmoodlemoodleMatch1.8.6
ORmoodlemoodleMatch1.8.7
ORmoodlemoodleMatch1.8.8
ORmoodlemoodleMatch1.8.9
ORmoodlemoodleMatch1.8.10
ORmoodlemoodleMatch1.8.11
ORmoodlemoodleMatch1.9.1
ORmoodlemoodleMatch1.9.2
ORmoodlemoodleMatch1.9.3
ORmoodlemoodleMatch1.9.4
ORmoodlemoodleMatch1.9.5
ORmoodlemoodleMatch1.9.6
ORmoodlemoodleMatch1.9.7
Related
nvd
nvd
CVE-2010-1617
2010-04-29 21:30:00
prion
prion
Code injection
2010-04-29 21:30:00
cvelist
cvelist
CVE-2010-1617
2010-04-29 21:00:00
ubuntucve
ubuntucve
CVE-2010-1617
2010-04-29 00:00:00
openvas
openvas
Moodle Multiple Vulnerabilities
2010-05-19 00:00:00
Moodle Multiple Vulnerabilities
2010-05-19 00:00:00
Moodle 1.8.x < 1.8.12, 1.9.x < 1.9.8 Multiple Vulnerabilities
2010-04-12 00:00:00
nessus
nessus
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
Debian DSA-2115-1 : moodle - several vulnerabilities
2010-10-06 00:00:00
osv
osv
moodle - several vulnerabilities
2010-09-29 00:00:00
debian
debian
[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities
2010-09-29 21:04:56
[SECURITY] [DSA-2115-2] New moodle packages fix several vulnerabilities
2010-10-11 05:18:06
6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
59.6%
Related for CVE-2010-1617