Lucene search
PRIOn knowledge basePRION:CVE-2020-25701HistoryNov 19, 2020 - 5:15 p.m.
Design/Logic Flaw
2020-11-1917:15:00
PRIOn knowledge base
www.prio-n.com
5
If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.
References
bugzilla.redhat.com/show_bug.cgi?id=1895432
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413939
Related
nvd
nvd
CVE-2020-25701
2020-11-19 17:15:12
github
github
Privilage Escalation in moodle
2021-03-29 20:42:55
osv
osv
CVE-2020-25701
2020-11-19 17:15:12
Privilage Escalation in moodle
2021-03-29 20:42:55
BIT-moodle-2020-25701
2024-03-06 11:11:31
cve
cve
CVE-2020-25701
2020-11-19 17:15:12
veracode
veracode
Privilege Escalation
2020-11-20 03:33:25
ubuntucve
ubuntucve
CVE-2020-25701
2020-11-19 00:00:00
cvelist
cvelist
CVE-2020-25701
2020-11-19 16:10:53
openvas
openvas
Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities
2020-11-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-db73e37548)
2020-11-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-304aa2c365)
2020-11-28 00:00:00
nessus
nessus
Fedora 32 : moodle (2020-db73e37548)
2020-11-30 00:00:00
Fedora 33 : moodle (2020-304aa2c365)
2020-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: moodle-3.8.6-1.fc32
2020-11-28 02:10:53
[SECURITY] Fedora 33 Update: moodle-3.9.3-1.fc33
2020-11-28 02:04:40