Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-1616
HistoryApr 29, 2010 - 12:00 a.m.

CVE-2010-1616

2010-04-2900:00:00
ubuntu.com
ubuntu.com
8

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

50.4%

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a
course, which allows teachers to create new accounts even if they do not
have the moodle/user:create capability.

Notes

Author Note
kees MSA-10-0004 http://tracker.moodle.org/browse/MDL-16658 http://tracker.moodle.org/browse/MDL-19233

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

50.4%