CVE-2012-3388 in Moodleinformazioni

Riassunto

di MITRE

The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger caching of a user record.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

14/06/2012

Divulgazione

23/07/2012

Moderazione

accettato

Voce

VDB-61389

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

4.0 (NVD)

EPSS

0.01128

KEV

Attività

molto basso

Settore

Education, Police

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3388
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3388
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3388/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!