CVE-2022-0334
Summary
| CVE | CVE-2022-0334 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-01-25 20:15:00 UTC |
| Updated | 2022-12-21 15:01:00 UTC |
| Description | A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability. |
Risk And Classification
Problem Types: CWE-668
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Moodle.org: MSA-22-0003: Capability gradereport/user:view not always respected when navigating to a user's course grade report | MISC | moodle.org | |
| 2043664 – (CVE-2022-0334, MSA-22-0003) CVE-2022-0334 moodle: Capability gradereport/user:view not always respected when navigating to a user's course grade report | MISC | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.