Lucene search
Ubuntu.comUB:CVE-2014-7831HistoryNov 24, 2014 - 12:00 a.m.
CVE-2014-7831
2014-11-2400:00:00
ubuntu.com
ubuntu.com
11
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
52.7%
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not
consider the moodle/grade:viewhidden capability before displaying hidden
grades, which allows remote authenticated users to obtain sensitive
information by leveraging the student role to access the get_grades web
service.
Related
veracode
veracode
Grade Information Leakage
2017-07-24 07:37:13
nvd
nvd
CVE-2014-7831
2014-11-24 11:59:01
prion
prion
Code injection
2014-11-24 11:59:00
cvelist
cvelist
CVE-2014-7831
2014-11-24 11:00:00
github
github
Moodle exposes hidden grades to students
2022-05-13 01:12:41
cve
cve
CVE-2014-7831
2014-11-24 11:59:01
nessus
nessus
Moodle 2.7.x < 2.7.3 Information Disclosure
2015-04-20 00:00:00
osv
osv
Moodle exposes hidden grades to students
2022-05-13 01:12:41
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
52.7%
Related for UB:CVE-2014-7831