Lucene search
Ubuntu.comUB:CVE-2011-4287HistoryJul 16, 2012 - 12:00 a.m.
CVE-2011-4287
2012-07-1600:00:00
ubuntu.com
ubuntu.com
6
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.005
Percentile
76.9%
admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force
password changes for autosubscribed users, which makes it easier for remote
attackers to obtain access by leveraging knowledge of the initial password
of a new user.
Notes
| Author | Note |
|---|---|
| jdstrand | moodle 2.0 only |
Related
prion
prion
Default credentials
2012-07-16 10:28:00
cvelist
cvelist
CVE-2011-4287
2012-07-16 10:00:00
nvd
nvd
CVE-2011-4287
2012-07-16 10:28:36
cve
cve
CVE-2011-4287
2012-07-16 10:28:36
nessus
nessus
Moodle 2.0.x < 2.0.3 Multiple Vulnerabilities
2015-04-20 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.005
Percentile
76.9%
Related for UB:CVE-2011-4287