CVE-2024-45690 Moodle: idor when deleting oauth2 linked accounts

🗓️ 20 Nov 2024 10:23:38Reported by fedoraType

Flaw in Moodle OAuth2 account deletio

Reporter	Title	Published	Views	Family All 50
BDU FSTEC	The vulnerability of the virtual learning environment Moodle, related to lack of access control, allows a intruder to gain unauthorized access to limited functional capabilities.	26 Nov 202400:00	–	bdu_fstec
Circl	CVE-2024-45690	20 Nov 202410:30	–	circl
CNNVD	Moodle 安全漏洞	20 Nov 202400:00	–	cnnvd
CVE	CVE-2024-45690	20 Nov 202410:23	–	cve
Github Security Blog	Moodle IDOR when deleting OAuth2 linked accounts	20 Nov 202412:30	–	github
NVD	CVE-2024-45690	20 Nov 202411:15	–	nvd
OpenVAS	Moodle < 4.1.13, 4.2.x < 4.2.10, 4.3.x < 4.3.7, 4.4.x < 4.4.3 Multiple Vulnerabilities	11 Sep 202400:00	–	openvas
OSV	BIT-MOODLE-2024-45690 Moodle: idor when deleting oauth2 linked accounts	3 Jun 202514:59	–	osv
OSV	GHSA-FHG2-R2H9-H7Q8 Moodle IDOR when deleting OAuth2 linked accounts	20 Nov 202412:30	–	osv
OSV	UBUNTU-CVE-2024-45690	20 Nov 202411:15	–	osv

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.1.13",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.2",
        "lessThan": "4.2.10",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.3",
        "lessThan": "4.3.7",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.4",
        "lessThan": "4.4.3",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://github.com/moodle/moodle",
    "defaultStatus": "unaffected"
  }
]

Source	Link
moodle	www.moodle.org/security/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

20 Nov 2024 10:23Current

EPSS0.00393