Lucene search
HistoryJul 17, 2012 - 10:20 a.m.
CVE-2012-0797
moodle
webservices
remote authentication
security vulnerability
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.4%
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.
Affected configurations
Node
moodlemoodleRange2.0–2.0.6
Node
moodlemoodleRange2.1–2.1.3
ORmoodlemoodleMatch2.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle:moodle | moodle | le | 2.0.6 |
Related
ubuntucve
ubuntucve
CVE-2012-0797
2012-07-17 00:00:00
veracode
veracode
Authentication Bypass
2017-06-01 02:05:00
github
github
Moodle Users Can Bypass Deleted Status
2022-05-13 01:13:04
prion
prion
Design/Logic Flaw
2012-07-17 10:20:00
osv
osv
Moodle Users Can Bypass Deleted Status
2022-05-13 01:13:04
cvelist
cvelist
CVE-2012-0797
2012-07-17 10:00:00
nvd
nvd
CVE-2012-0797
2012-07-17 10:20:53
nessus
nessus
Fedora 16 : moodle-2.0.7-1.fc16 (2012-0913)
2012-02-03 00:00:00
Fedora 15 : moodle-1.9.16-1.fc15 (2012-0939)
2012-02-03 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2012-0913
2012-04-02 00:00:00
Fedora Update for moodle FEDORA-2012-0913
2012-04-02 00:00:00
Fedora Update for moodle FEDORA-2012-0939
2012-02-03 00:00:00
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.4%
Related for CVE-2012-0797