Lucene search

GitHub Advisory DatabaseGHSA-4RMJ-W58M-FVCH

HistoryMar 06, 2023 - 9:30 p.m.

Moodle vulnerable to Server-Side Request Forgery

2023-03-0621:30:18

CWE-918

GitHub Advisory Database

github.com

moodle security

ssrf risk

curl bypass

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

32.6%

JSON

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.

Affected configurations

Vulners

Node

moodlemoodleRange<3.9.8

moodlemoodleRange3.10.0-beta–3.10.5

moodlemoodleRange3.11.0-beta–3.11.1

VendorProductVersionCPE
moodlemoodle*cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moodle	moodle	*	cpe:2.3:a:moodle:moodle::::::::

References

github.com/advisories/GHSA-4rmj-w58m-fvch

moodle.org/mod/forum/discuss.php?d=424802

nvd.nist.gov/vuln/detail/CVE-2021-36396

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

32.6%

JSON

Related for GHSA-4RMJ-W58M-FVCH