Lucene search
Veracode Vulnerability DatabaseVERACODE:4687HistoryJul 26, 2017 - 3:19 a.m.
Privilege Escalation
2017-07-2603:19:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0.002
Percentile
51.6%
Moodle is vulnerable to privilege escalation attacks. The attacks exist because the permission check for teacher are not properly handled, allowing any authenticated users with teacher role without accessallgroups capability to post any arbitrary groups.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
www.openwall.com/lists/oss-security/2015/09/21/1
www.securitytracker.com/id/1033619
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
git.moodle.org/gw?p=moodle.git;a=commit;h=cd3a6a78b67abf5c9eb355ddc7899b1b2a9b20ac
moodle.org/mod/forum/discuss.php?d=320288
Related
ubuntucve
ubuntucve
CVE-2015-5272
2016-02-22 00:00:00
prion
prion
Code injection
2016-02-22 05:59:00
cvelist
cvelist
CVE-2015-5272
2016-02-22 02:00:00
cve
cve
CVE-2015-5272
2016-02-22 05:59:10
nvd
nvd
CVE-2015-5272
2016-02-22 05:59:10
nessus
nessus
FreeBSD : moodle -- multiple vulnerabilities (c2fcbec2-5daa-11e5-9909-002590263bf5)
2015-09-18 00:00:00
Fedora 22 : moodle-2.8.9-1.fc22 (2015-2ebdd4ad8f)
2016-03-04 00:00:00
freebsd
freebsd
moodle -- multiple vulnerabilities
2015-09-14 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: moodle-2.8.9-1.fc22
2015-12-12 01:55:37
[SECURITY] Fedora 23 Update: moodle-2.9.3-1.fc23
2015-12-11 23:57:23
openvas
openvas
Fedora Update for moodle FEDORA-2015-2
2015-12-12 00:00:00