Lucene search
GoogleOSV:CVE-2024-34003HistoryMay 31, 2024 - 9:15 p.m.
CVE-2024-34003
2024-05-3121:15:00
Google
osv.dev
1
shared hosting
misconfiguration
moodle
local file include
web server
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
7.1
Confidence
Low
In a shared hosting environment that has been misconfigured to allow access to other users’ content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file include.
Related
nvd
nvd
CVE-2024-34003
2024-05-31 21:15:09
veracode
veracode
Exposure Of Sensitive Information To An Unauthorized Actor
2024-06-07 07:33:44
cve
cve
CVE-2024-34003
2024-05-31 21:15:09
vulnrichment
vulnrichment
github
github
osv
osv
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2024-34003
2024-05-31 00:00:00
openvas
openvas
Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities
2024-05-14 00:00:00
redos
redos
ROS-20240701-03
2024-07-01 00:00:00
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
7.1
Confidence
Low
Related for OSV:CVE-2024-34003