Lucene search
RedhatCVE-2020-1755HistoryAug 16, 2022 - 9:15 p.m.
CVE-2020-1755
2022-08-1621:15:09
CWE-345
redhat
web.nvd.nist.gov
35
5
moodle
cve-2020-1755
ip spoofing
x-forwarded-for
security vulnerability
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
31.3%
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user’s IP, in order to bypass remote address checks.
Affected configurations
Node
moodlemoodleRange3.5.0–3.5.11
ORmoodlemoodleRange3.6.0–3.6.9
ORmoodlemoodleRange3.7.0–3.7.5
ORmoodlemoodleRange3.8.0–3.8.2
CNA Affected
[
{
"product": "Moodle",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.8 to 3.8.1, 3.7 to 3.7.4, 3.6 to 3.6.8, 3.5 to 3.5.10 and earlier unsupported versions"
}
]
}
]Social References
More
Related
osv
osv
BIT-moodle-2020-1755
2024-03-06 11:12:08
CVE-2020-1755
2022-08-16 21:15:09
prion
prion
Design/Logic Flaw
2022-08-16 21:15:00
cvelist
cvelist
CVE-2020-1755
2022-08-16 19:29:48
nvd
nvd
CVE-2020-1755
2022-08-16 21:15:09
veracode
veracode
Spoofing Attacks
2022-08-17 08:19:39
ubuntucve
ubuntucve
CVE-2020-1755
2022-08-16 00:00:00
openvas
openvas
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
31.3%
Related for CVE-2020-1755