CVE-2014-7845

2014-11-24T11:59:00
ID CVE-2014-7845
Type cve
Reporter cve@mitre.org
Modified 2015-09-03T14:27:00

Description

The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack.