Lucene search
RedhatCVE-2015-3180HistoryJun 01, 2015 - 7:59 p.m.
CVE-2015-3180
2015-06-0119:59:22
CWE-200
redhat
web.nvd.nist.gov
34
cve
2015
3180
moodle
security
information security
vulnerability
nvd
remote access
sensitive information
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
59.2%
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.
Affected configurations
Node
moodlemoodleRange≤2.5.9
ORmoodlemoodleMatch2.5.0
ORmoodlemoodleMatch2.5.1
ORmoodlemoodleMatch2.5.2
ORmoodlemoodleMatch2.5.3
ORmoodlemoodleMatch2.5.4
ORmoodlemoodleMatch2.5.5
ORmoodlemoodleMatch2.5.6
ORmoodlemoodleMatch2.5.7
ORmoodlemoodleMatch2.5.8
ORmoodlemoodleMatch2.6.0
ORmoodlemoodleMatch2.6.1
ORmoodlemoodleMatch2.6.2
ORmoodlemoodleMatch2.6.3
ORmoodlemoodleMatch2.6.4
ORmoodlemoodleMatch2.6.5
ORmoodlemoodleMatch2.6.6
ORmoodlemoodleMatch2.6.7
ORmoodlemoodleMatch2.6.8
ORmoodlemoodleMatch2.6.9
ORmoodlemoodleMatch2.6.10
ORmoodlemoodleMatch2.7.0
ORmoodlemoodleMatch2.7.1
ORmoodlemoodleMatch2.7.2
ORmoodlemoodleMatch2.7.3
ORmoodlemoodleMatch2.7.4
ORmoodlemoodleMatch2.7.5
ORmoodlemoodleMatch2.7.6
ORmoodlemoodleMatch2.7.7
ORmoodlemoodleMatch2.8.0
ORmoodlemoodleMatch2.8.1
ORmoodlemoodleMatch2.8.2
ORmoodlemoodleMatch2.8.3
ORmoodlemoodleMatch2.8.4
ORmoodlemoodleMatch2.8.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | * | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.0 | cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.1 | cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.2 | cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.3 | cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.4 | cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.5 | cpe:2.3:a:moodle:moodle:2.5.5:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.6 | cpe:2.3:a:moodle:moodle:2.5.6:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.7 | cpe:2.3:a:moodle:moodle:2.5.7:*:*:*:*:*:*:* |
| moodle | moodle | 2.5.8 | cpe:2.3:a:moodle:moodle:2.5.8:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-3180
2015-06-01 19:00:00
osv
osv
Moodle allows attackers to obtain sensitive course-structure information
2022-05-13 01:12:46
veracode
veracode
Sensitive Course Structure Information Disclosure
2017-07-25 08:48:12
nvd
nvd
CVE-2015-3180
2015-06-01 19:59:22
prion
prion
Design/Logic Flaw
2015-06-01 19:59:00
ubuntucve
ubuntucve
CVE-2015-3180
2015-06-01 00:00:00
github
github
Moodle allows attackers to obtain sensitive course-structure information
2022-05-13 01:12:46
nessus
nessus
Moodle 2.6.x < 2.6.11 / 2.7.x < 2.7.8 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.8.x < 2.8.6 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 21 : moodle-2.7.9-1.fc21 (2015-14996)
2015-09-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0229)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2015-14988
2015-09-16 00:00:00
Fedora Update for moodle FEDORA-2015-14996
2015-09-16 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerabilities
2015-05-18 22:08:05
fedora
fedora
[SECURITY] Fedora 23 Update: moodle-2.9.1-1.fc23
2015-09-18 19:33:20
[SECURITY] Fedora 21 Update: moodle-2.7.9-1.fc21
2015-09-15 21:22:02
[SECURITY] Fedora 22 Update: moodle-2.8.7-1.fc22
2015-09-15 19:54:05
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
59.2%
Related for CVE-2015-3180