Lucene search
Ubuntu.comUB:CVE-2015-0211HistoryJun 01, 2015 - 12:00 a.m.
CVE-2015-0211
2015-06-0100:00:00
ubuntu.com
ubuntu.com
13
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
47.2%
mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before
2.7.4, and 2.8.x before 2.8.2 does not consider the
moodle/course:manageactivities and mod/lti:addinstance capabilities before
proceeding with registered-tool list searches, which allows remote
authenticated users to obtain sensitive information via requests to the LTI
Ajax service.
Bugs
Related
prion
prion
Code injection
2015-06-01 19:59:00
veracode
veracode
Information Disclosure
2017-07-27 03:07:44
osv
osv
Moodle allows attackers to obtain sensitive information
2022-05-13 01:12:43
cve
cve
CVE-2015-0211
2015-06-01 19:59:00
cvelist
cvelist
CVE-2015-0211
2015-06-01 19:00:00
github
github
Moodle allows attackers to obtain sensitive information
2022-05-13 01:12:43
nvd
nvd
CVE-2015-0211
2015-06-01 19:59:00
nessus
nessus
Moodle < 2.6 / 2.6.x < 2.6.7 / 2.7.x < 2.7.4 / 2.8.x < 2.8.2 Multiple Vulnerabilities
2015-04-21 00:00:00
Fedora 21 : moodle-2.7.5-1.fc21 (2015-1751)
2015-02-16 00:00:00
mageia
mageia
Updated moodle package fixes security vulnerabilities
2015-01-20 17:57:33
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0032)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2015-1751
2015-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: moodle-2.7.5-1.fc21
2015-02-15 03:24:22
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
47.2%
Related for UB:CVE-2015-0211