CVE-2011-4287 in Moodleinfo

Summary

admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/04/2011

Disclosure

07/16/2012

Moderation

VulDB entry created

Entries

VDB-61295 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

7.3

EPSS

0.00485

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4287
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4287
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4287/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!