Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2012-5473 CVE-2012-5479 CVE-2012-5480 CVE-2012-5481 CVE-2012-5471 CVE-2012-5472 |
| CWE-ID | CWE-200 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU43313
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5473
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.3.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-34448
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216157
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43314
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5479
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.2
CPE2.3https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33791
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36346
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216159
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43315
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-5480
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.2
CPE2.3https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216160
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43316
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5481
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.3 - 2.3.2
CPE2.3https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35381
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216161
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43317
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5471
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.2
CPE2.3https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29872
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216155
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43318
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5472
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.2.1 - 2.3.2
CPE2.3https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-32785
https://openwall.com/lists/oss-security/2012/11/19/1
https://www.securityfocus.com/bid/56505
https://moodle.org/mod/forum/discuss.php?d=216156
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
