Lucene search
PRIOn knowledge basePRION:CVE-2011-4585HistoryJul 20, 2012 - 10:40 a.m.
Design/Logic Flaw
2012-07-2010:40:00
PRIOn knowledge base
www.prio-n.com
1
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
71.6%
login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials by sniffing the network.
Related
ubuntucve
ubuntucve
CVE-2011-4585
2012-07-20 00:00:00
cve
cve
CVE-2011-4585
2012-07-20 10:40:00
fedora
fedora
[SECURITY] Fedora 15 Update: moodle-1.9.15-1.fc15
2011-12-21 17:10:35
[SECURITY] Fedora 16 Update: moodle-2.0.6-1.fc16
2011-12-21 17:11:48
openvas
openvas
Debian Security Advisory DSA 2421-1 (moodle)
2012-03-12 00:00:00
Debian: Security Advisory (DSA-2421-1)
2012-03-12 00:00:00
Fedora Update for moodle FEDORA-2011-16833
2012-04-02 00:00:00
debian
debian
[SECURITY] [DSA 2421-1] moodle security update
2012-02-29 20:39:11
osv
osv
moodle - several
2012-02-29 00:00:00
nessus
nessus
Debian DSA-2421-1 : moodle - several vulnerabilities
2012-03-01 00:00:00
Fedora 15 : moodle-1.9.15-1.fc15 (2011-16903)
2011-12-22 00:00:00
Fedora 16 : moodle-2.0.6-1.fc16 (2011-16833)
2011-12-22 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2421-1] moodle security update
2012-03-19 00:00:00
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
71.6%
Related for PRION:CVE-2011-4585