Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4583

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2011-4583
Last Modified 12 Aug 2013 01:58:44
Published 20 Jul 2012 06:40:35
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-4583

Summary

Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.

Vulnerable Systems

Application

  • Moodle 2.0

  • Moodle 2.0.1

  • Moodle 2.0.2

  • Moodle 2.0.3

  • Moodle 2.0.4

  • Moodle 2.0.5

  • Moodle 2.1

  • Moodle 2.1.1

  • Moodle 2.1.2


References

CONFIRM - http://moodle.org/mod/forum/discuss.php?d=191750

CONFIRM - http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28670&sr=1

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=761248


Last Updated: 27 May 2016 10:54:55