Lucene search
HistoryJul 17, 2012 - 10:20 a.m.
CVE-2012-0798
cve-2012-0798
moodle
self-enrolment
role escalation
nvd
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.8%
The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
Affected configurations
Node
moodlemoodleMatch2.1.0
ORmoodlemoodleMatch2.1.1
ORmoodlemoodleMatch2.1.2
ORmoodlemoodleMatch2.1.3
ORmoodlemoodleMatch2.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle:moodle | moodle | eq | 2.1.0 |
| moodle:moodle | moodle | eq | 2.1.1 |
| moodle:moodle | moodle | eq | 2.1.2 |
| moodle:moodle | moodle | eq | 2.1.3 |
| moodle:moodle | moodle | eq | 2.2.0 |
Related
nvd
nvd
CVE-2012-0798
2012-07-17 10:20:53
veracode
veracode
Privilege Escalation
2017-05-29 07:16:33
ubuntucve
ubuntucve
CVE-2012-0798
2012-07-17 00:00:00
prion
prion
Design/Logic Flaw
2012-07-17 10:20:00
cvelist
cvelist
CVE-2012-0798
2012-07-17 10:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: moodle-1.9.16-1.fc15
2012-02-02 17:21:30
[SECURITY] Fedora 16 Update: moodle-2.0.7-1.fc16
2012-02-02 17:27:16
openvas
openvas
Fedora Update for moodle FEDORA-2012-0939
2012-02-03 00:00:00
Fedora Update for moodle FEDORA-2012-0939
2012-02-03 00:00:00
Fedora Update for moodle FEDORA-2012-0913
2012-04-02 00:00:00
nessus
nessus
Fedora 16 : moodle-2.0.7-1.fc16 (2012-0913)
2012-02-03 00:00:00
Fedora 15 : moodle-1.9.16-1.fc15 (2012-0939)
2012-02-03 00:00:00
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.8%
Related for CVE-2012-0798