Moodle is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks.
Moodle 3.7, 3.6 through 3.6.4, 3.5 through 3.5.6 and prior unsupported versions are vulnerable.
Currently, we are not aware of any working exploits. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Bugtraq ID: | 109174 |
Class: | Input Validation Error |
CVE: | CVE-2019-10187 |
Remote: | Yes |
Local: | No |
Published: | Jul 16 2019 12:00AM |
Updated: | Jul 16 2019 12:00AM |
Credit: | Peter Dias |
Vulnerable: | Moodle Moodle 3.6.4 Moodle Moodle 3.6.3 Moodle Moodle 3.6.2 Moodle Moodle 3.6.1 Moodle Moodle 3.5.6 Moodle Moodle 3.5.5 Moodle Moodle 3.5.4 Moodle Moodle 3.5.3 Moodle Moodle 3.5.2 Moodle Moodle 3.5.1 Moodle Moodle 3.4.9 Moodle Moodle 3.4.8 Moodle Moodle 3.4.7 Moodle Moodle 3.4.6 Moodle Moodle 3.4.5 Moodle Moodle 3.4.4 Moodle Moodle 3.4.3 Moodle Moodle 3.4.2 Moodle Moodle 3.3.9 Moodle Moodle 3.3.8 Moodle Moodle 3.3.7 Moodle Moodle 3.3.6 Moodle Moodle 3.3.5 Moodle Moodle 3.3.4 Moodle Moodle 3.3.3 Moodle Moodle 3.3.1 Moodle Moodle 3.2.9 Moodle Moodle 3.2.8 Moodle Moodle 3.2.7 Moodle Moodle 3.2.6 Moodle Moodle 3.2.4 Moodle Moodle 3.1.18 Moodle Moodle 3.1.17 Moodle Moodle 3.1.16 Moodle Moodle 3.1.15 Moodle Moodle 3.1.14 Moodle Moodle 3.1.13 Moodle Moodle 3.1.12 Moodle Moodle 3.1.11 Moodle Moodle 3.1.10 Moodle Moodle 3.1.9 Moodle Moodle 3.1.7 Moodle Moodle 3.1.4 Moodle Moodle 3.1.3 Moodle Moodle 3.1.2 Moodle Moodle 3.1.1 Moodle Moodle 3.0.8 Moodle Moodle 3.0.7 Moodle Moodle 3.0.6 Moodle Moodle 3.0.5 Moodle Moodle 3.0.4 Moodle Moodle 3.0.3 Moodle Moodle 3.0.2 Moodle Moodle 3.0.1 Moodle Moodle 3.7 Moodle Moodle 3.6 Moodle Moodle 3.5 Moodle Moodle 3.4.1 Moodle Moodle 3.4 Moodle Moodle 3.3.2 Moodle Moodle 3.3 Moodle Moodle 3.2.5 Moodle Moodle 3.2.3 Moodle Moodle 3.2.2 Moodle Moodle 3.2.1 Moodle Moodle 3.2 Moodle Moodle 3.1.8 Moodle Moodle 3.1.6 Moodle Moodle 3.1.5 Moodle Moodle 3.1 Moodle Moodle 3.0.9 Moodle Moodle 3.0.10 Moodle Moodle 3.0 |
Not Vulnerable: | Moodle Moodle 3.7.1 Moodle Moodle 3.6.5 Moodle Moodle 3.5.7 |
from SecurityFocus Vulnerabilities https://ift.tt/2lGPEJZ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.