Описание
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.9.9.dfsg2-5 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 1.9.9.dfsg2-5 |
| quantal | not-affected | 1.9.9.dfsg2-5 |
| raring | not-affected | 1.9.9.dfsg2-5 |
| saucy | not-affected | 1.9.9.dfsg2-5 |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
Связанные уязвимости
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x ...
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.
EPSS
4 Medium
CVSS2