CVE-2009-4304

Опубликовано: 16 дек. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01245

Низкий

7.5 High

CVSS2

Дефекты

CWE-255

Связанные уязвимости

CVE-2009-4304

ubuntu

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

CVE-2009-4304

redhat

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

CVE-2009-4304

debian

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random pa ...

GHSA-gmx9-p92v-48wf

github

около 3 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

EPSS

Процентиль: 78%

0.01245

Низкий

7.5 High

CVSS2

Дефекты

CWE-255