Lucene search
Veracode Vulnerability DatabaseVERACODE:4738HistoryJul 27, 2017 - 2:57 a.m.
Bypass Access Restrictions
2017-07-2702:57:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
Moodle is vulnerable to bypassing of access restrictions. The bypass exists because the application does not check the moodle/tag:flag capability for fthe laginappropriate action, allowing any authenticated users to bypass access restrictions by using the “Flag as inappropriate” feature.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 2.5.9 | |
| moodle/moodle | le | 2.6.8 | |
| moodle/moodle | le | 2.8.3 | |
| moodle/moodle | le | 2.7.5 |
Related
ubuntucve
ubuntucve
CVE-2015-2271
2015-06-01 00:00:00
cve
cve
CVE-2015-2271
2015-06-01 19:59:00
github
github
Moodle does not consider the moodle/tag:flag capability
2022-05-13 01:12:45
osv
osv
Moodle does not consider the moodle/tag:flag capability
2022-05-13 01:12:45
prion
prion
Design/Logic Flaw
2015-06-01 19:59:00
nessus
nessus
Moodle < 2.6 / 2.6.x < 2.6.9 / 2.7.x < 2.7.6 / 2.8.x < 2.8.4 Multiple Vulnerabilities
2015-04-21 00:00:00
Fedora 20 : moodle-2.6.10-1.fc20 (2015-4530)
2015-04-07 00:00:00
Fedora 22 : moodle-2.8.5-1.fc22 (2015-4613)
2015-04-22 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: moodle-2.7.7-1.fc21
2015-04-05 14:33:57
[SECURITY] Fedora 22 Update: moodle-2.8.5-1.fc22
2015-04-21 18:26:37
[SECURITY] Fedora 20 Update: moodle-2.6.10-1.fc20
2015-04-05 14:29:57
mageia
mageia
Updated moodle packages fix security vulnerabilities
2015-03-19 02:01:47
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0110)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2015-4613
2015-07-07 00:00:00
Fedora Update for moodle FEDORA-2015-4724
2015-04-06 00:00:00
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
Related for VERACODE:4738