Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
BID:68772
Info
Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
| Bugtraq ID: | 68772 |
| Class: | Design Error |
| CVE: |
CVE-2014-3553 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 21 2014 12:00AM |
| Updated: | May 07 2015 05:01PM |
| Credit: | Jakob Ackermann |
| Vulnerable: |
Moodle Moodle 2.2.3 Moodle Moodle 2.2.2 Moodle Moodle 2.2.1 Moodle Moodle 2.1.6 Moodle Moodle 2.1.5 Moodle Moodle 2.1.4 Moodle Moodle 2.1.2 Moodle Moodle 2.1.1 Moodle Moodle 2.0.9 Moodle Moodle 2.0.8 Moodle Moodle 2.0.7 Moodle Moodle 2.0.5 Moodle Moodle 2.0.4 Moodle Moodle 2.0.3 Moodle Moodle 2.0.2 Moodle Moodle 2.0.1 Moodle Moodle 1.9.18 Moodle Moodle 1.9.17 Moodle Moodle 1.9.16 Moodle Moodle 1.9.14 Moodle Moodle 1.9.13 Moodle Moodle 1.9.12 Moodle Moodle 1.9.11 Moodle moodle 1.9.10 Moodle moodle 1.9.9 Moodle moodle 1.9.8 Moodle moodle 1.9.7 Moodle moodle 1.9.6 Moodle Moodle 1.9.5 Moodle moodle 1.9.4 Moodle moodle 1.9.3 Moodle moodle 1.9.2 Moodle Moodle 1.9.1 Moodle moodle 1.8.14 Moodle moodle 1.8.13 Moodle moodle 1.8.11 Moodle moodle 1.8.10 Moodle moodle 1.8.9 Moodle moodle 1.8.8 Moodle moodle 1.8.7 Moodle moodle 1.8.6 Moodle moodle 1.8.5 Moodle moodle 1.8.4 Moodle moodle 1.8.3 Moodle moodle 1.8.2 Moodle Moodle 1.8.1 Moodle moodle 1.7.7 Moodle moodle 1.7.6 Moodle moodle 1.7.5 Moodle moodle 1.7.4 Moodle moodle 1.7.3 Moodle moodle 1.7.2 Moodle moodle 1.7.1 Moodle moodle 1.6.9 Moodle moodle 1.6.8 Moodle moodle 1.6.7 Moodle moodle 1.6.6 Moodle moodle 1.6.5 Moodle moodle 1.6.4 Moodle moodle 1.6.3 Moodle moodle 1.6.2 Moodle moodle 1.6.1 Moodle moodle 1.6 Moodle moodle 1.5.2 Moodle moodle 1.5.1 Moodle moodle 1.5 Moodle moodle 1.4.3 Moodle moodle 1.4.2 Moodle moodle 1.4.1 Moodle moodle 1.3.4 Moodle moodle 1.3.3 Moodle moodle 1.3.2 Moodle moodle 1.3.1 Moodle moodle 1.3 Moodle Moodle 1.2.2 Moodle moodle 1.2.1 Moodle moodle 1.2 Moodle moodle 1.1.1 Moodle Moodle 2.2 Moodle Moodle 2.1.3 Moodle Moodle 2.1 Moodle Moodle 2.0.6 Moodle Moodle 2.0 Moodle Moodle 1.9.15 Moodle moodle 1.9 Moodle Moodle 1.8 Moodle moodle 1.7 Moodle Moodle 1.6 Moodle Moodle 1.5 Moodle Moodle 1.4.5 Moodle Moodle 1.4.4 Moodle Moodle 1.4.1 Moodle Moodle 1.3 Moodle moodle 1.18.2.3 Moodle moodle 1.18.2.2 BEA Systems Weblogic Proxy Plugin 1.5.3 |
| Not Vulnerable: | |
Discussion
Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
Moodle is prone to an unauthorized-access vulnerability.
Attackers can exploit this issue to gain unauthorized access and and perform unauthorized actions. This may aid in further attacks.
Moodle versions 2.7, 2.6 through 2.6.3, 2.5 through 2.5.6, and 2.4 through 2.4.10 are vulnerable.
Moodle is prone to an unauthorized-access vulnerability.
Attackers can exploit this issue to gain unauthorized access and and perform unauthorized actions. This may aid in further attacks.
Moodle versions 2.7, 2.6 through 2.6.3, 2.5 through 2.5.6, and 2.4 through 2.4.10 are vulnerable.
Exploit / POC
Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
An attacker can exploit this issue using a web browser.
An attacker can exploit this issue using a web browser.