Lucene search
RedhatCVE-2013-1832HistoryMar 25, 2013 - 9:55 p.m.
CVE-2013-1832
2013-03-2521:55:04
CWE-200
redhat
web.nvd.nist.gov
26
moodle
webdav
cve-2013-1832
information security
configuration vulnerability
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
48.7%
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Affected configurations
Node
moodlemoodleMatch2.0.0
ORmoodlemoodleMatch2.0.1
ORmoodlemoodleMatch2.0.2
ORmoodlemoodleMatch2.0.3
ORmoodlemoodleMatch2.0.4
ORmoodlemoodleMatch2.0.5
ORmoodlemoodleMatch2.0.6
ORmoodlemoodleMatch2.0.7
ORmoodlemoodleMatch2.0.8
ORmoodlemoodleMatch2.0.9
ORmoodlemoodleMatch2.1.0
ORmoodlemoodleMatch2.1.1
ORmoodlemoodleMatch2.1.2
ORmoodlemoodleMatch2.1.3
ORmoodlemoodleMatch2.1.4
ORmoodlemoodleMatch2.1.5
ORmoodlemoodleMatch2.1.6
ORmoodlemoodleMatch2.1.7
ORmoodlemoodleMatch2.1.8
ORmoodlemoodleMatch2.1.9
ORmoodlemoodleMatch2.1.10
Node
moodlemoodleMatch2.2.0
ORmoodlemoodleMatch2.2.1
ORmoodlemoodleMatch2.2.2
ORmoodlemoodleMatch2.2.3
ORmoodlemoodleMatch2.2.4
ORmoodlemoodleMatch2.2.5
ORmoodlemoodleMatch2.2.6
ORmoodlemoodleMatch2.2.7
Node
moodlemoodleMatch2.3.0
ORmoodlemoodleMatch2.3.1
ORmoodlemoodleMatch2.3.2
ORmoodlemoodleMatch2.3.3
ORmoodlemoodleMatch2.3.4
Node
moodlemoodleMatch2.4.0
ORmoodlemoodleMatch2.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | 2.0.0 | cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.1 | cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.2 | cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.3 | cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.4 | cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.5 | cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.6 | cpe:2.3:a:moodle:moodle:2.0.6:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.7 | cpe:2.3:a:moodle:moodle:2.0.7:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.8 | cpe:2.3:a:moodle:moodle:2.0.8:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.9 | cpe:2.3:a:moodle:moodle:2.0.9:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2013-1832
2013-03-25 21:00:00
veracode
veracode
Information Disclosure
2017-07-05 13:08:43
prion
prion
Default credentials
2013-03-25 21:55:00
nvd
nvd
CVE-2013-1832
2013-03-25 21:55:04
ubuntucve
ubuntucve
CVE-2013-1832
2013-03-11 00:00:00
osv
osv
Moodle includes the WebDAV password in the configuration form
2022-05-13 01:12:57
github
github
Moodle includes the WebDAV password in the configuration form
2022-05-13 01:12:57
nessus
nessus
Fedora 18 : moodle-2.3.6-1.fc18 (2013-4387)
2013-04-03 00:00:00
Fedora 17 : moodle-2.2.9-1.fc17 (2013-4404)
2013-04-03 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4404
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: moodle-2.3.6-1.fc18
2013-04-03 04:44:25
[SECURITY] Fedora 17 Update: moodle-2.2.9-1.fc17
2013-04-03 04:26:27
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
48.7%
Related for CVE-2013-1832