CVE-2012-0798

2012-07-1710:20:53

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

46.6%

JSON

The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.

Affected configurations

Nvd

Node

moodlemoodleMatch2.1.0

moodlemoodleMatch2.1.1

moodlemoodleMatch2.1.2

moodlemoodleMatch2.1.3

moodlemoodleMatch2.2.0

VendorProductVersionCPE
moodlemoodle2.1.0cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
moodlemoodle2.1.1cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
moodlemoodle2.1.2cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
moodlemoodle2.1.3cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*
moodlemoodle2.2.0cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moodle	moodle	2.1.0	cpe:2.3:a:moodle:moodle:2.1.0:::::::*
moodle	moodle	2.1.1	cpe:2.3:a:moodle:moodle:2.1.1:::::::*
moodle	moodle	2.1.2	cpe:2.3:a:moodle:moodle:2.1.2:::::::*
moodle	moodle	2.1.3	cpe:2.3:a:moodle:moodle:2.1.3:::::::*
moodle	moodle	2.2.0	cpe:2.3:a:moodle:moodle:2.2.0:::::::*