Lucene search

Ubuntu.comUB:CVE-2019-14829

HistoryMar 19, 2021 - 12:00 a.m.

CVE-2019-14829

2021-03-1900:00:00

ubuntu.com

moodle

vulnerability

activity creation

single activity mode

unsupported versions

unix

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5,
3.5 to 3.5.7 and earlier unsupported versions where activity creation
capabilities were not correctly respected when selecting the activity to
use for a course in single activity mode.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchmoodle< anyUNKNOWN
ubuntu16.04noarchmoodle< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	moodle	< any	UNKNOWN
ubuntu	16.04	noarch	moodle	< any	UNKNOWN

References

git.moodle.org/gw?p=moodle.git;a=commit;h=208397c120b6bf74ca6a173e42cb527904c5ab42

launchpad.net/bugs/cve/CVE-2019-14829

moodle.org/mod/forum/discuss.php?d=391035

nvd.nist.gov/vuln/detail/CVE-2019-14829

security-tracker.debian.org/tracker/CVE-2019-14829

www.cve.org/CVERecord?id=CVE-2019-14829

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

Related for UB:CVE-2019-14829