CVE-2024-43430 Moodle: lack of access control when using external methods for quiz overrides

🗓️ 11 Nov 2024 12:15:36Reported by fedoraType

Flaw in Moodle allows external quiz access control overrid

Reporter	Title	Published	Views	Family All 47
Circl	CVE-2024-43430	11 Nov 202412:29	–	circl
CNNVD	Moodle 安全漏洞	11 Nov 202400:00	–	cnnvd
CNVD	Moodle Access Control Error Vulnerability	15 Nov 202400:00	–	cnvd
CVE	CVE-2024-43430	11 Nov 202412:15	–	cve
EUVD	EUVD-2024-3275	3 Oct 202520:07	–	euvd
Github Security Blog	Moodle has insufficient access control	11 Nov 202415:31	–	github
NVD	CVE-2024-43430	11 Nov 202413:15	–	nvd
OpenVAS	Moodle 4.4.x < 4.4.2 Improper Access Control Vulnerability (MSA-24-0031)	21 Aug 202400:00	–	openvas
OSV	BIT-MOODLE-2024-43430 Moodle: lack of access control when using external methods for quiz overrides	2 May 202506:18	–	osv
OSV	GHSA-JPF2-9PPP-2C49 Moodle has insufficient access control	11 Nov 202415:31	–	osv

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.1.12",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.2",
        "lessThan": "4.2.9",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.3",
        "lessThan": "4.3.6",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.4",
        "lessThan": "4.4.2",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://github.com/moodle/moodle",
    "defaultStatus": "unaffected"
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
moodle	www.moodle.org/mod/forum/discuss.php

11 Nov 2024 12:15Current

CVSS 3.15.3

EPSS0.00318