CVE-2011-4302 in Moodleinfo

Summary

mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/04/2011

Disclosure

07/11/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

7.3

EPSS

0.00133

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4302
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4302
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4302/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!