CVE-2014-0123

Опубликовано: 24 мар. 2014

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated users to perform wiki operations by leveraging the student role and using the Recent Activity block to reach the individual wiki of an arbitrary student.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия до 2.3.11 (включая)

cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.10:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.10:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.11:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.10:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00193

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2014-0123

ubuntu

больше 11 лет назад

CVE-2014-0123

debian

больше 11 лет назад

The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x ...

GHSA-2vhr-4mhq-m35c

github

около 3 лет назад

Moodle does not properly restrict access

EPSS

Процентиль: 42%

0.00193

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-264