CVE-2012-3394 in Moodleالمعلومات

الملخص

بحسب MITRE

auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

14/06/2012

إفشاء

23/07/2012

الاعتدال

تمت الموافقة

إدخال

VDB-61395

EPSS

0.02105

KEV

لا

النشاطات

منخفض جدًا

القطاع

Police, Education

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!