Lucene search
RedhatCVE-2012-5471HistoryNov 21, 2012 - 12:55 p.m.
CVE-2012-5471
2012-11-2112:55:02
CWE-264
redhat
web.nvd.nist.gov
22
cve-2012-5471
dropbox repository
file picker
moodle
remote authenticated users
unattended workstation
security vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
67.9%
The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
Affected configurations
Node
moodlemoodleMatch2.1.0
ORmoodlemoodleMatch2.1.1
ORmoodlemoodleMatch2.1.2
ORmoodlemoodleMatch2.1.3
ORmoodlemoodleMatch2.1.4
ORmoodlemoodleMatch2.1.5
ORmoodlemoodleMatch2.1.6
ORmoodlemoodleMatch2.1.7
ORmoodlemoodleMatch2.1.8
Node
moodlemoodleMatch2.2.0
ORmoodlemoodleMatch2.2.1
ORmoodlemoodleMatch2.2.2
ORmoodlemoodleMatch2.2.3
ORmoodlemoodleMatch2.2.4
ORmoodlemoodleMatch2.2.5
Node
moodlemoodleMatch2.3.0
ORmoodlemoodleMatch2.3.1
ORmoodlemoodleMatch2.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | 2.1.0 | cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.1 | cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.2 | cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.3 | cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.4 | cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.5 | cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.6 | cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.7 | cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.8 | cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:* |
| moodle | moodle | 2.2.0 | cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:* |
Related
fedora
fedora
[SECURITY] Fedora 18 Update: moodle-2.3.3-1.fc18
2012-11-27 05:05:22
[SECURITY] Fedora 17 Update: moodle-2.2.6-1.fc17
2012-11-28 11:27:30
[SECURITY] Fedora 16 Update: moodle-2.1.9-1.fc16
2012-11-28 11:36:40
veracode
veracode
Authorization Bypass
2017-07-03 09:08:06
openvas
openvas
Fedora Update for moodle FEDORA-2012-18570
2012-11-29 00:00:00
Fedora Update for moodle FEDORA-2012-18525
2012-11-29 00:00:00
Fedora Update for moodle FEDORA-2012-18570
2012-11-29 00:00:00
osv
osv
Moodle Allows Unauthenticated Dropbox Access
2022-05-13 01:13:01
cvelist
cvelist
CVE-2012-5471
2012-11-21 11:00:00
prion
prion
Design/Logic Flaw
2012-11-21 12:55:00
nessus
nessus
Fedora 17 : moodle-2.2.6-1.fc17 (2012-18525)
2012-11-29 00:00:00
Fedora 16 : moodle-2.1.9-1.fc16 (2012-18570)
2012-11-29 00:00:00
Fedora 18 : moodle-2.3.3-1.fc18 (2012-18598)
2012-11-27 00:00:00
nvd
nvd
CVE-2012-5471
2012-11-21 12:55:02
github
github
Moodle Allows Unauthenticated Dropbox Access
2022-05-13 01:13:01
ubuntucve
ubuntucve
CVE-2012-5471
2012-11-21 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
67.9%
Related for CVE-2012-5471