Multiple vulnerabilities in Moodle



Updated: 2020-07-17
Risk High
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2012-1157
CVE-2012-1158
CVE-2012-1159
CVE-2012-1160
CVE-2012-1161
CVE-2012-1169
CVE-2012-1170
CVE-2012-1155
CVE-2012-1156
CVE-2012-1168
CWE-ID CWE-276
CWE-200
CWE-732
CWE-354
CWE-532
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Moodle
Web applications / Other software

Vendor moodle.org

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Incorrect default permissions

EUVDB-ID: #VU30608

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1157

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Moodle before 2.2.2 has a default repository capability issue: all repositories are viewable by all users by default.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1
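The affected range above (2.2.0 beta through 2.2.1, fixed in 2.2.2) applies to every entry in this bulletin. The following is an added example, not code from the page or from the Moodle project, that reads the $release line of a Moodle version.php and reports whether the installation falls inside that range. It assumes the $release string has the shape 'MAJOR.MINOR[.POINT][+] [beta|rcN|dev] (Build: YYYYMMDD)', treats pre-release tags (beta, rc) as the same point release, and treats a '+' weekly build as the point release it follows; the sample version.php body is constructed.

```python
import re

# Affected range taken from the bulletin: [2.2.0, 2.2.2).
FIRST_AFFECTED = (2, 2, 0)
FIXED_IN = (2, 2, 2)

# Assumed layout of the $release line in Moodle's version.php.
_RELEASE_RE = re.compile(r"\$release\s*=\s*'([^']*)'")
_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)(?:\.(\d+))?(\+)?(?:\s*(beta|rc\d*|dev))?", re.IGNORECASE
)


def parse_release(version_php: str):
    """Parse the $release string out of a version.php body.

    Returns ((major, minor, point), is_weekly_build) or None when no
    recognisable $release line is present. A missing point number
    ('2.2 beta') is read as point 0.
    """
    m = _RELEASE_RE.search(version_php)
    if not m:
        return None
    v = _VERSION_RE.match(m.group(1).strip())
    if not v:
        return None
    major, minor, point, plus = v.group(1), v.group(2), v.group(3), v.group(4)
    return (int(major), int(minor), int(point or 0)), plus == "+"


def is_affected(version_php: str):
    """True when the release lies in [2.2.0, 2.2.2), False when it does not,
    None when the release cannot be determined from the input."""
    parsed = parse_release(version_php)
    if parsed is None:
        return None
    triple, _weekly = parsed
    return FIRST_AFFECTED <= triple < FIXED_IN


# Constructed sample of a version.php body (values are illustrative).
SAMPLE_VERSION_PHP = """<?php
$version  = 2011120501.04;
$release  = '2.2.1 (Build: 20120109)';
$maturity = MATURITY_STABLE;
"""

if __name__ == "__main__":
    print(parse_release(SAMPLE_VERSION_PHP), is_affected(SAMPLE_VERSION_PHP))
```

A '+' build (for example '2.2.1+') is reported as affected because the bulletin lists fixes only by point release; confirm such weekly builds against the dated fix commits rather than trusting the release string alone.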

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1157
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157
https://moodle.org/mod/forum/discuss.php?d=198624
https://security-tracker.debian.org/tracker/CVE-2012-1157


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU30609

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1158

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Moodle before 2.2.2 has a course information leak in the gradebook: users are able to see hidden grade items in grade exports.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1158
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1158
https://moodle.org/mod/forum/discuss.php?d=198627
https://security-tracker.debian.org/tracker/CVE-2012-1158


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU30610

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1159

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

In Moodle before 2.2.2, the overview report allows users to see hidden courses.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1159
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159
https://moodle.org/mod/forum/discuss.php?d=198628
https://security-tracker.debian.org/tracker/CVE-2012-1159


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Incorrect permission assignment for critical resource

EUVDB-ID: #VU30611

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1160

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a remote privileged user to manipulate data.

Moodle before 2.2.2 has a permission issue in forum subscriptions: unenrolled users can subscribe to or unsubscribe from forums via mod/forum/index.php.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1160
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1160
https://moodle.org/mod/forum/discuss.php?d=198629
https://security-tracker.debian.org/tracker/CVE-2012-1160


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU30612

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1161

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Moodle before 2.2.2 has a course information leak: hidden courses are displayed in tag search results.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1161
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161
https://moodle.org/mod/forum/discuss.php?d=198630
https://security-tracker.debian.org/tracker/CVE-2012-1161


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU30613

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-1169

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Moodle before 2.2.2 has a personal information disclosure: when the administrative setting for user name display is set to first name only, full names are still shown in page breadcrumbs.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1169
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169
https://moodle.org/mod/forum/discuss.php?d=198625
https://security-tracker.debian.org/tracker/CVE-2012-1169


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper validation of integrity check value

EUVDB-ID: #VU30614

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-1170

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Moodle before 2.2.2 has a context check issue in external enrolment plugins, where capability checks are not thorough.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1170
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170
https://moodle.org/mod/forum/discuss.php?d=198632
https://security-tracker.debian.org/tracker/CVE-2012-1170


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU30615

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-1155

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Moodle before 2.2.2 has a permission issue in the database activity export: the export function of the database activity module exports all entries, including those from groups the user does not belong to.
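The defect above is an export path that skips the group filter the activity's normal view applies. The following is an added example, not code from the page or from Moodle, that shows the unfiltered export beside a hardened one applying the same group rule. It assumes Moodle-style group modes (no groups, separate groups, visible groups), that only the separate-groups mode restricts visibility to the user's own groups, and that an "access all groups" capability bypasses the restriction; the entries and group ids are constructed sample data.

```python
from dataclasses import dataclass
from typing import Iterable, List

# Group modes, named after Moodle's constants; semantics below are assumed for
# this example: only SEPARATEGROUPS limits a user to their own groups' entries.
NOGROUPS = 0
SEPARATEGROUPS = 1
VISIBLEGROUPS = 2


@dataclass(frozen=True)
class Entry:
    id: int
    group_id: int  # 0 means the entry is not attached to any group
    content: str


# Constructed sample data: entries belonging to two groups plus a shared one.
ENTRIES = [
    Entry(1, 10, "group A submission"),
    Entry(2, 20, "group B submission"),
    Entry(3, 0, "entry visible to everyone"),
    Entry(4, 10, "second group A submission"),
]


def export_entries_vulnerable(entries: Iterable[Entry], user_groups: Iterable[int],
                              group_mode: int, access_all_groups: bool = False) -> List[int]:
    """Before the fix: every entry is exported regardless of group membership.
    Returns the exported entry ids."""
    return [e.id for e in entries]


def export_entries(entries: Iterable[Entry], user_groups: Iterable[int],
                   group_mode: int, access_all_groups: bool = False) -> List[int]:
    """Hardened export: apply the same group filter the list view applies.

    In NOGROUPS and VISIBLEGROUPS modes all entries are visible; in
    SEPARATEGROUPS mode only group-less entries and entries from the user's
    own groups are exported, unless the user may access all groups.
    """
    if group_mode != SEPARATEGROUPS or access_all_groups:
        return [e.id for e in entries]
    allowed = set(user_groups)
    return [e.id for e in entries if e.group_id == 0 or e.group_id in allowed]


if __name__ == "__main__":
    print("vulnerable:", export_entries_vulnerable(ENTRIES, [10], SEPARATEGROUPS))
    print("hardened:  ", export_entries(ENTRIES, [10], SEPARATEGROUPS))
```

The practical check is that every data path out of the module (list view, single view, export, RSS, web services) goes through one shared visibility function rather than re-implementing the filter per path; the export here is the path that was missed.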

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2 - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1155
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155
https://moodle.org/mod/forum/discuss.php?d=198621
https://security-tracker.debian.org/tracker/CVE-2012-1155


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU30616

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-1156

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Moodle before 2.2.2 includes users' private files in course backups.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1156
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156
https://moodle.org/mod/forum/discuss.php?d=198623
https://security-tracker.debian.org/tracker/CVE-2012-1156


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU30617

Risk: High

CVSSv4.0: 6.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2012-1168

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Moodle before 2.2.2 has a password and web services issue: when a user profile is updated without a password being specified, the user's password is reset.
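The failure mode above is an update handler that treats an absent password field as "set the password to nothing". The following is an added example, not code from the page or from Moodle, showing a profile-update routine with that defect beside a hardened one that leaves the stored credential untouched unless a non-empty password is supplied. The user record, field names and the salted PBKDF2 storage format are assumptions made for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Fields a profile update may change besides the password (assumed for the example).
UPDATABLE_FIELDS = ("email", "firstname", "lastname")
PBKDF2_ROUNDS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2-HMAC-SHA256, stored as '<salt hex>$<digest hex>'."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + digest.hex()


def verify_password(stored: str, password: str) -> bool:
    salt_hex, digest_hex = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


def update_user_vulnerable(user: dict, update: dict) -> dict:
    """Before the fix: the password hash is always rewritten from the payload,
    so an update that omits 'password' resets the account to a hash of ''."""
    new = dict(user)
    for field in UPDATABLE_FIELDS:
        if field in update:
            new[field] = update[field]
    new["password"] = hash_password(update.get("password", ""))
    return new


def update_user(user: dict, update: dict) -> dict:
    """Hardened: only a present, non-empty password changes the stored hash."""
    new = dict(user)
    for field in UPDATABLE_FIELDS:
        if field in update:
            new[field] = update[field]
    password = update.get("password")
    if password:  # None or '' leaves the existing credential as it is
        new["password"] = hash_password(password)
    return new


# Constructed user record used by the demonstration below.
ORIGINAL_PASSWORD = "correct horse battery staple"
USER = {
    "id": 7,
    "email": "alice@example.invalid",
    "firstname": "Alice",
    "lastname": "Smith",
    "password": hash_password(ORIGINAL_PASSWORD),
}

if __name__ == "__main__":
    broken = update_user_vulnerable(USER, {"email": "alice2@example.invalid"})
    fixed = update_user(USER, {"email": "alice2@example.invalid"})
    print("old password still valid after vulnerable update:",
          verify_password(broken["password"], ORIGINAL_PASSWORD))
    print("old password still valid after hardened update:  ",
          verify_password(fixed["password"], ORIGINAL_PASSWORD))
```

When reviewing an update API, check what each optional field does when omitted versus when sent empty; "absent means unchanged" should hold for credentials, and a caller wanting to clear or rotate a password should have to say so explicitly.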

Mitigation

Install update from vendor's website.

Vulnerable software versions

Moodle: 2.2.0 beta - 2.2.1

External links

https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1168
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168
https://moodle.org/mod/forum/discuss.php?d=198622
https://security-tracker.debian.org/tracker/CVE-2012-1168


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
