Lucene search
Veracode Vulnerability DatabaseVERACODE:4520HistoryJul 04, 2017 - 7:50 a.m.
Man-in-the-Middle (MitM)
2017-07-0407:50:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
Moodle is vulnerable to man-in-the-middle (MitM) attacks. The repository/s3/S3.php does not verify that the host is secure before curling to it. This can allow a malicious user to conduct a MitM attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 2.2.11 | |
| moodle/moodle | le | 2.3.8 | |
| moodle/moodle | le | 2.5.1 | |
| moodle/moodle | le | 2.4.5 |
Related
fedora
fedora
[SECURITY] Fedora 17 Update: moodle-2.2.7-1.fc17
2013-01-28 14:59:38
[SECURITY] Fedora 19 Update: moodle-2.4.6-1.fc19
2013-09-20 16:21:36
[SECURITY] Fedora 18 Update: moodle-2.3.9-1.fc18
2013-09-20 16:24:29
openvas
openvas
Fedora Update for moodle FEDORA-2013-0915
2013-01-31 00:00:00
Fedora Update for moodle FEDORA-2013-16476
2013-09-24 00:00:00
Fedora Update for moodle FEDORA-2013-0968
2013-01-31 00:00:00
ubuntucve
ubuntucve
CVE-2012-6087
2013-09-16 00:00:00
prion
prion
Code injection
2013-09-16 13:02:00
cve
cve
CVE-2012-6087
2013-09-16 13:02:00
nessus
nessus
Fedora 18 : moodle-2.3.4-1.fc18 (2013-0907)
2013-01-29 00:00:00
Fedora 16 : moodle-2.1.10-1.fc16 (2013-0915)
2013-01-29 00:00:00
Fedora 17 : moodle-2.2.7-1.fc17 (2013-0968)
2013-01-29 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
Related for VERACODE:4520