Lucene search

K
cveRedhatCVE-2015-3175
HistoryJun 01, 2015 - 7:59 p.m.

CVE-2015-3175

2015-06-0119:59:18
redhat
web.nvd.nist.gov
29
moodle
open redirect
cve-2015-3175
security vulnerability
phishing attack
nvd

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

71.8%

Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header.

Affected configurations

Nvd
Node
moodlemoodleRange2.5.9
OR
moodlemoodleMatch2.5.0
OR
moodlemoodleMatch2.5.1
OR
moodlemoodleMatch2.5.2
OR
moodlemoodleMatch2.5.3
OR
moodlemoodleMatch2.5.4
OR
moodlemoodleMatch2.5.5
OR
moodlemoodleMatch2.5.6
OR
moodlemoodleMatch2.5.7
OR
moodlemoodleMatch2.5.8
OR
moodlemoodleMatch2.6.0
OR
moodlemoodleMatch2.6.1
OR
moodlemoodleMatch2.6.2
OR
moodlemoodleMatch2.6.3
OR
moodlemoodleMatch2.6.4
OR
moodlemoodleMatch2.6.5
OR
moodlemoodleMatch2.6.6
OR
moodlemoodleMatch2.6.7
OR
moodlemoodleMatch2.6.8
OR
moodlemoodleMatch2.6.9
OR
moodlemoodleMatch2.6.10
OR
moodlemoodleMatch2.7.0
OR
moodlemoodleMatch2.7.1
OR
moodlemoodleMatch2.7.2
OR
moodlemoodleMatch2.7.3
OR
moodlemoodleMatch2.7.4
OR
moodlemoodleMatch2.7.5
OR
moodlemoodleMatch2.7.6
OR
moodlemoodleMatch2.7.7
OR
moodlemoodleMatch2.8.0
OR
moodlemoodleMatch2.8.1
OR
moodlemoodleMatch2.8.2
OR
moodlemoodleMatch2.8.3
OR
moodlemoodleMatch2.8.4
OR
moodlemoodleMatch2.8.5
VendorProductVersionCPE
moodlemoodle*cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
moodlemoodle2.5.0cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*
moodlemoodle2.5.1cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:*
moodlemoodle2.5.2cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:*
moodlemoodle2.5.3cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:*
moodlemoodle2.5.4cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:*
moodlemoodle2.5.5cpe:2.3:a:moodle:moodle:2.5.5:*:*:*:*:*:*:*
moodlemoodle2.5.6cpe:2.3:a:moodle:moodle:2.5.6:*:*:*:*:*:*:*
moodlemoodle2.5.7cpe:2.3:a:moodle:moodle:2.5.7:*:*:*:*:*:*:*
moodlemoodle2.5.8cpe:2.3:a:moodle:moodle:2.5.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 351

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

71.8%