Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-3179

Опубликовано: 01 июн. 2015
Источник: nvd
CVSS2: 3.5
EPSS Низкий

Описание

login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
Версия до 2.5.9 (включая)
cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*

EPSS

Процентиль: 55%
0.00328
Низкий

3.5 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2015-3179

ubuntu
около 10 лет назад

login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.

debian логотип

CVE-2015-3179

debian
около 10 лет назад

login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x ...

github логотип

GHSA-4ppg-2mx6-fqx9

github
около 3 лет назад

Moodle allows attackers to bypass intended login restrictions

fstec логотип

BDU:2015-10892

fstec
около 10 лет назад

Уязвимость системы управления обучением Мoodle, позволяющая нарушителю обойти ограничения входа в систему

EPSS

Процентиль: 55%
0.00328
Низкий

3.5 Low

CVSS2

Дефекты

CWE-264