Lucene search
Veracode Vulnerability DatabaseVERACODE:33910HistoryJan 26, 2022 - 8:05 a.m.
Privilege Escalation
2022-01-2608:05:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
22.9%
Moodle is vulnerable to privilege escalation. Lack of proper access permission check for view grades allows users to access grade report for courses where they did not have the required gradereport/user:view capability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | v3.11.4 | |
| moodle/moodle | le | 3.10.8 | |
| moodle/moodle | le | v3.9.11 | |
| moodle/moodle | le | v3.11.4 | |
| moodle/moodle | le | 3.10.8 | |
| moodle/moodle | le | v3.9.11 |
Related
cve
cve
CVE-2022-0334
2022-01-25 20:15:08
ubuntucve
ubuntucve
CVE-2022-0334
2022-01-25 00:00:00
osv
osv
BIT-moodle-2022-0334
2024-03-06 11:05:55
CVE-2022-0334
2022-01-25 20:15:08
Insufficient user authorization in Moodle
2022-01-28 22:07:40
cnvd
cnvd
Moodle Access Control Error Vulnerability (CNVD-2022-09259)
2022-01-26 00:00:00
github
github
Insufficient user authorization in Moodle
2022-01-28 22:07:40
cvelist
cvelist
CVE-2022-0334
2022-01-25 19:11:11
nvd
nvd
CVE-2022-0334
2022-01-25 20:15:08
prion
prion
Design/Logic Flaw
2022-01-25 20:15:00
openvas
openvas
Moodle < 3.9.12, 3.10.x < 3.10.9, 3.11.x < 3.11.5 Multiple Vulnerabilities
2022-01-26 00:00:00
nessus
nessus
Moodle 3.11.x < 3.11.5 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.9 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.12 Multiple Vulnerabilities
2023-02-20 00:00:00