Lucene search
Ubuntu.comUB:CVE-2014-7833HistoryNov 24, 2014 - 12:00 a.m.
CVE-2014-7833
2014-11-2400:00:00
ubuntu.com
ubuntu.com
11
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
52.7%
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x
before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a
database-entry change, which allows remote authenticated users to obtain
sensitive information by accessing the database after an edit by a teacher.
Related
github
github
Moodle allows attackers to obtain sensitive information
2022-05-13 01:12:41
nvd
nvd
CVE-2014-7833
2014-11-24 11:59:03
osv
osv
Moodle allows attackers to obtain sensitive information
2022-05-13 01:12:41
cvelist
cvelist
CVE-2014-7833
2014-11-24 11:00:00
prion
prion
Information disclosure
2014-11-24 11:59:00
cve
cve
CVE-2014-7833
2014-11-24 11:59:03
veracode
veracode
Information Disclosure
2017-07-28 04:57:39
nessus
nessus
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0483)
2022-01-28 00:00:00
mageia
mageia
Updated moodle package fixes security vulnerabilities
2014-11-22 13:54:50
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
52.7%
Related for UB:CVE-2014-7833