CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
51.8%
The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516
www.openwall.com/lists/oss-security/2015/09/21/1
github.com/advisories/GHSA-mm9q-3847-m48x
github.com/moodle/moodle/commit/3071f085918dfeabb154596362dab2648ec6ad84
github.com/moodle/moodle/commit/343ed5b929ff8a68efe076505cd3e52d951f7869
github.com/moodle/moodle/commit/39b50f7d3eea43266a3d0c09590e48624e69a091
github.com/moodle/moodle/commit/67e3f70bb11382fc0f1eaf1a160c349269e370cc
github.com/moodle/moodle/commit/9d5b339126586eddeced463c81295146e231a3c4
github.com/moodle/moodle/commit/9fd13426926fd882d3f024cb7171802ef2b3814d
github.com/moodle/moodle/commit/ca74203efd51be6467091d9af762a31a7cad5840
github.com/moodle/moodle/commit/cd3a6a78b67abf5c9eb355ddc7899b1b2a9b20ac
github.com/moodle/moodle/commit/e7288eaabe77e04157f702b20fd0a7e9ce7067ca
github.com/moodle/moodle/commit/f9cc721dfd761ee34209cf58838079b9b550b356
moodle.org/mod/forum/discuss.php?d=320287
nvd.nist.gov/vuln/detail/CVE-2015-5264
web.archive.org/web/20160323063809/www.securitytracker.com/id/1033619
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
51.8%