Lucene search
RedhatCVE-2014-3545HistoryJul 29, 2014 - 11:10 a.m.
CVE-2014-3545
2014-07-2911:10:32
CWE-94
redhat
web.nvd.nist.gov
32
moodle
remote code execution
vulnerability
cve-2014-3545
nvd
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.008
Percentile
81.2%
Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz.
Affected configurations
Node
moodlemoodleMatch2.7.0
Node
moodlemoodleMatch2.4.0
ORmoodlemoodleMatch2.4.1
ORmoodlemoodleMatch2.4.2
ORmoodlemoodleMatch2.4.3
ORmoodlemoodleMatch2.4.4
ORmoodlemoodleMatch2.4.5
ORmoodlemoodleMatch2.4.6
ORmoodlemoodleMatch2.4.7
ORmoodlemoodleMatch2.4.8
ORmoodlemoodleMatch2.4.9
ORmoodlemoodleMatch2.4.10
Node
moodlemoodleRange≤2.3.11
ORmoodlemoodleMatch2.3.0
ORmoodlemoodleMatch2.3.1
ORmoodlemoodleMatch2.3.2
ORmoodlemoodleMatch2.3.3
ORmoodlemoodleMatch2.3.4
ORmoodlemoodleMatch2.3.5
ORmoodlemoodleMatch2.3.6
ORmoodlemoodleMatch2.3.7
ORmoodlemoodleMatch2.3.8
ORmoodlemoodleMatch2.3.9
ORmoodlemoodleMatch2.3.10
Node
moodlemoodleMatch2.6.0
ORmoodlemoodleMatch2.6.1
ORmoodlemoodleMatch2.6.2
ORmoodlemoodleMatch2.6.3
Node
moodlemoodleMatch2.5.0
ORmoodlemoodleMatch2.5.1
ORmoodlemoodleMatch2.5.2
ORmoodlemoodleMatch2.5.3
ORmoodlemoodleMatch2.5.4
ORmoodlemoodleMatch2.5.5
ORmoodlemoodleMatch2.5.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | 2.7.0 | cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.0 | cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.1 | cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.2 | cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.3 | cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.4 | cpe:2.3:a:moodle:moodle:2.4.4:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.5 | cpe:2.3:a:moodle:moodle:2.4.5:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.6 | cpe:2.3:a:moodle:moodle:2.4.6:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.7 | cpe:2.3:a:moodle:moodle:2.4.7:*:*:*:*:*:*:* |
| moodle | moodle | 2.4.8 | cpe:2.3:a:moodle:moodle:2.4.8:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2014-3545
2014-07-29 00:00:00
prion
prion
Code injection
2014-07-29 11:10:00
nvd
nvd
CVE-2014-3545
2014-07-29 11:10:32
veracode
veracode
Remote Code Execution (RCE)
2017-07-25 20:10:56
cvelist
cvelist
CVE-2014-3545
2014-07-29 10:00:00
github
github
Moodle remote code execution via quiz questions
2022-05-13 01:12:40
osv
osv
Moodle remote code execution via quiz questions
2022-05-13 01:12:40
nessus
nessus
Moodle < 2.4 / 2.4.x < 2.4.11 / 2.5.x < 2.5.7 / 2.6.x < 2.6.4 / 2.7.x < 2.7.1 Multiple Vulnerabilities
2015-04-20 00:00:00
Fedora 20 : moodle-2.5.7-1.fc20 (2014-8601)
2014-07-31 00:00:00
Fedora 19 : moodle-2.4.11-1.fc19 (2014-8609)
2014-07-31 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0308)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2014-15102
2014-11-26 00:00:00
Fedora Update for moodle FEDORA-2014-10802
2014-10-01 00:00:00
mageia
mageia
Updated moodle package fixes security vulnerabilities
2014-08-06 00:08:48
fedora
fedora
[SECURITY] Fedora 20 Update: moodle-2.5.9-1.fc20
2014-11-25 15:30:01
[SECURITY] Fedora 20 Update: moodle-2.5.8-1.fc20
2014-09-25 10:46:26
[SECURITY] Fedora 20 Update: moodle-2.5.7-1.fc20
2014-07-30 07:03:13
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.008
Percentile
81.2%
Related for CVE-2014-3545