CVE-2016-3732
Published on: 04/20/2017 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:03 PM UTC
Certain versions of Moodle from Moodle contain the following vulnerability:
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.
- CVE-2016-3732 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 4.3 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | LOW | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | LOW | NONE | NONE |
CVSS2 Score: 4 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
oss-security - Moodle security release 3.0.4, 2.9.6, 2.8.12, 2.7.14 | Mailing List Third Party Advisory www.openwall.com text/html |
![]() |
1335933 – (CVE-2016-3729, CVE-2016-3731, CVE-2016-3732, CVE-2016-3733, CVE-2016-3734) CVE-2016-3729 CVE-2016-3731 CVE-2016-3732 CVE-2016-3733 CVE-2016-3734 moodle: Multiple vulnerabilities fixed in 3.0.4, 2.9.6, 2.8.12 and 2.7.14 | Issue Tracking Third Party Advisory bugzilla.redhat.com text/html |
![]() |
Moodle Bugs Let Remote Users Access and Modify Data and Conduct Cross-Site Request Forgery Attacks - SecurityTracker | Third Party Advisory VDB Entry www.securitytracker.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Moodle | Moodle | 2.7.0 | All | All | All |
Application | Moodle | Moodle | 2.7.0 | beta | All | All |
Application | Moodle | Moodle | 2.7.0 | rc1 | All | All |
Application | Moodle | Moodle | 2.7.0 | rc2 | All | All |
Application | Moodle | Moodle | 2.7.1 | All | All | All |
Application | Moodle | Moodle | 2.7.10 | All | All | All |
Application | Moodle | Moodle | 2.7.11 | All | All | All |
Application | Moodle | Moodle | 2.7.12 | All | All | All |
Application | Moodle | Moodle | 2.7.13 | All | All | All |
Application | Moodle | Moodle | 2.7.2 | All | All | All |
Application | Moodle | Moodle | 2.7.3 | All | All | All |
Application | Moodle | Moodle | 2.7.4 | All | All | All |
Application | Moodle | Moodle | 2.7.5 | All | All | All |
Application | Moodle | Moodle | 2.7.6 | All | All | All |
Application | Moodle | Moodle | 2.7.7 | All | All | All |
Application | Moodle | Moodle | 2.7.8 | All | All | All |
Application | Moodle | Moodle | 2.7.9 | All | All | All |
Application | Moodle | Moodle | 2.8.0 | All | All | All |
Application | Moodle | Moodle | 2.8.1 | All | All | All |
Application | Moodle | Moodle | 2.8.10 | All | All | All |
Application | Moodle | Moodle | 2.8.11 | All | All | All |
Application | Moodle | Moodle | 2.8.2 | All | All | All |
Application | Moodle | Moodle | 2.8.3 | All | All | All |
Application | Moodle | Moodle | 2.8.4 | All | All | All |
Application | Moodle | Moodle | 2.8.5 | All | All | All |
Application | Moodle | Moodle | 2.8.6 | All | All | All |
Application | Moodle | Moodle | 2.8.7 | All | All | All |
Application | Moodle | Moodle | 2.8.8 | All | All | All |
Application | Moodle | Moodle | 2.8.9 | All | All | All |
Application | Moodle | Moodle | 2.9.0 | All | All | All |
Application | Moodle | Moodle | 2.9.1 | All | All | All |
Application | Moodle | Moodle | 2.9.2 | All | All | All |
Application | Moodle | Moodle | 2.9.3 | All | All | All |
Application | Moodle | Moodle | 2.9.4 | All | All | All |
Application | Moodle | Moodle | 2.9.5 | All | All | All |
Application | Moodle | Moodle | 3.0.0 | All | All | All |
Application | Moodle | Moodle | 3.0.0 | beta | All | All |
Application | Moodle | Moodle | 3.0.0 | rc1 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc2 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc3 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc4 | All | All |
Application | Moodle | Moodle | 3.0.1 | All | All | All |
Application | Moodle | Moodle | 3.0.2 | All | All | All |
Application | Moodle | Moodle | 3.0.3 | All | All | All |
Application | Moodle | Moodle | 2.7.0 | All | All | All |
Application | Moodle | Moodle | 2.7.0 | beta | All | All |
Application | Moodle | Moodle | 2.7.0 | rc1 | All | All |
Application | Moodle | Moodle | 2.7.0 | rc2 | All | All |
Application | Moodle | Moodle | 2.7.1 | All | All | All |
Application | Moodle | Moodle | 2.7.10 | All | All | All |
Application | Moodle | Moodle | 2.7.11 | All | All | All |
Application | Moodle | Moodle | 2.7.12 | All | All | All |
Application | Moodle | Moodle | 2.7.13 | All | All | All |
Application | Moodle | Moodle | 2.7.2 | All | All | All |
Application | Moodle | Moodle | 2.7.3 | All | All | All |
Application | Moodle | Moodle | 2.7.4 | All | All | All |
Application | Moodle | Moodle | 2.7.5 | All | All | All |
Application | Moodle | Moodle | 2.7.6 | All | All | All |
Application | Moodle | Moodle | 2.7.7 | All | All | All |
Application | Moodle | Moodle | 2.7.8 | All | All | All |
Application | Moodle | Moodle | 2.7.9 | All | All | All |
Application | Moodle | Moodle | 2.8.0 | All | All | All |
Application | Moodle | Moodle | 2.8.1 | All | All | All |
Application | Moodle | Moodle | 2.8.10 | All | All | All |
Application | Moodle | Moodle | 2.8.11 | All | All | All |
Application | Moodle | Moodle | 2.8.2 | All | All | All |
Application | Moodle | Moodle | 2.8.3 | All | All | All |
Application | Moodle | Moodle | 2.8.4 | All | All | All |
Application | Moodle | Moodle | 2.8.5 | All | All | All |
Application | Moodle | Moodle | 2.8.6 | All | All | All |
Application | Moodle | Moodle | 2.8.7 | All | All | All |
Application | Moodle | Moodle | 2.8.8 | All | All | All |
Application | Moodle | Moodle | 2.8.9 | All | All | All |
Application | Moodle | Moodle | 2.9.0 | All | All | All |
Application | Moodle | Moodle | 2.9.1 | All | All | All |
Application | Moodle | Moodle | 2.9.2 | All | All | All |
Application | Moodle | Moodle | 2.9.3 | All | All | All |
Application | Moodle | Moodle | 2.9.4 | All | All | All |
Application | Moodle | Moodle | 2.9.5 | All | All | All |
Application | Moodle | Moodle | 3.0.0 | All | All | All |
Application | Moodle | Moodle | 3.0.0 | beta | All | All |
Application | Moodle | Moodle | 3.0.0 | rc1 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc2 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc3 | All | All |
Application | Moodle | Moodle | 3.0.0 | rc4 | All | All |
Application | Moodle | Moodle | 3.0.1 | All | All | All |
Application | Moodle | Moodle | 3.0.2 | All | All | All |
Application | Moodle | Moodle | 3.0.3 | All | All | All |
- cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:rc2:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.11:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.12:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.13:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc2:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc3:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc4:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.0:rc2:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.11:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.12:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.13:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc2:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc3:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.0:rc4:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE