Moodle CVE-2012-2367 Security Bypass Vulnerability
BID:53626
Info
Moodle CVE-2012-2367 Security Bypass Vulnerability
| Bugtraq ID: | 53626 |
| Class: | Unknown |
| CVE: |
CVE-2012-2367 |
| Remote: | Yes |
| Local: | No |
| Published: | May 21 2012 12:00AM |
| Updated: | Apr 13 2015 09:21PM |
| Credit: | Martin Huntley |
| Vulnerable: |
Moodle Moodle 2.2.2 Moodle Moodle 2.2.1 Moodle Moodle 2.1.5 Moodle Moodle 2.1.4 Moodle Moodle 2.1.2 Moodle Moodle 2.1.1 Moodle Moodle 2.0.8 Moodle Moodle 2.0.7 Moodle Moodle 2.0.5 Moodle Moodle 2.0.4 Moodle Moodle 2.0.3 Moodle Moodle 2.0.2 Moodle Moodle 2.0.1 Moodle Moodle 1.9.17 Moodle Moodle 1.9.16 Moodle Moodle 1.9.14 Moodle Moodle 1.9.13 Moodle Moodle 1.9.12 Moodle Moodle 1.9.11 Moodle Moodle 1.9.10 Moodle Moodle 1.9.9 Moodle Moodle 1.9.8 Moodle Moodle 1.9.7 Moodle Moodle 1.9.6 Moodle Moodle 1.9.5 Moodle Moodle 1.9.4 Moodle Moodle 1.9.1 Moodle Moodle 2.2.2+ Moodle Moodle 2.2 Moodle Moodle 2.1.5+ Moodle Moodle 2.1.3 Moodle Moodle 2.1 Moodle Moodle 2.0.8+ Moodle Moodle 2.0.6 Moodle Moodle 2.0 Moodle Moodle 1.9.3 Moodle Moodle 1.9.2 Moodle Moodle 1.9.17+ Moodle Moodle 1.9.15 Moodle Moodle 1.9 |
| Not Vulnerable: |
Moodle Moodle 2.2.3 Moodle Moodle 2.1.6 Moodle Moodle 2.0.9 Moodle Moodle 1.9.18 |
Discussion
Moodle CVE-2012-2367 Security Bypass Vulnerability
Moodle is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.
Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Moodle is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.
Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Exploit / POC
Moodle CVE-2012-2367 Security Bypass Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
Moodle CVE-2012-2367 Security Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Moodle CVE-2012-2367 Security Bypass Vulnerability
References:
References:
- Moodle Homepage (Moodle)
- MSA-12-0038: Calendar event write permission issue (Moodle)