Описание
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.0:beta:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.0:rc2:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.11:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.12:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.7.13:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.3
ubuntu
больше 8 лет назад
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.
CVSS3: 4.3
debian
больше 8 лет назад
The capability check to access other badges in Moodle 3.0 through 3.0. ...
EPSS
Процентиль: 36%
0.0015
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200