CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
32.7%
Moodle CMS is prone to multiple vulnerabilities.
# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if( description )
{
script_oid("1.3.6.1.4.1.25623.1.0.113186");
script_version("2024-02-09T05:06:25+0000");
script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
script_tag(name:"creation_date", value:"2018-05-15 11:42:45 +0200 (Tue, 15 May 2018)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2017-09-21 15:11:00 +0000 (Thu, 21 Sep 2017)");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
script_cve_id("CVE-2017-12156", "CVE-2017-12157");
script_name("Moodle 3.x Multiple Vulnerabilities (Sep 2017) - Windows");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone AG");
script_family("Web application abuses");
script_dependencies("gb_moodle_cms_detect.nasl", "os_detection.nasl");
script_mandatory_keys("moodle/detected", "Host/runs_windows");
script_tag(name:"summary", value:"Moodle CMS is prone to multiple vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The following vulnerabilities exist:
Form on the feedback 'non-respondents' page does not escape the value of subject thus creating self-XSS.
This can be used to attack another user by tricking them into opening malicious URL whilst in an open Moodle session.
Number of course reports allowed teachers to view details about users in the groups they can't access.
user_can_view_profile() incorrectly assumes $course as shared course. This fix may affect plugins using this API function,
there is no exploit in standard Moodle.");
script_tag(name:"affected", value:"Moodle versions through 3.1.7, 3.2.0 through 3.2.4 and 3.3.0 through 3.3.1.");
script_tag(name:"solution", value:"Update to version 3.1.8, 3.2.5 or 3.3.2 respectively.");
script_xref(name:"URL", value:"https://moodle.org/mod/forum/discuss.php?d=358585");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/100848");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/100867");
script_xref(name:"URL", value:"https://moodle.org/mod/forum/discuss.php?d=358586");
script_xref(name:"URL", value:"https://moodle.org/mod/forum/discuss.php?d=358587");
exit(0);
}
CPE = "cpe:/a:moodle:moodle";
include( "host_details.inc" );
include( "version_func.inc" );
if( ! port = get_app_port( cpe: CPE ) ) exit( 0 );
if( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) ) exit( 0 );
version = infos['version'];
path = infos['location'];
if( version_is_less( version: version, test_version: "3.1.8" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "3.1.8", install_path: path );
security_message( data: report, port: port );
exit( 0 );
}
if( version_in_range( version: version, test_version: "3.2.0", test_version2: "3.2.4" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "3.2.5", install_path: path );
security_message( data: report, port: port );
exit( 0 );
}
if( version_in_range( version: version, test_version: "3.3.0", test_version2: "3.3.1" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "3.3.2", install_path: path );
security_message( data: report, port: port );
exit( 0 );
}
exit( 99 );
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
32.7%