Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2015-3181 CVE-2015-3179 CVE-2015-3180 CVE-2015-3178 CVE-2015-3177 CVE-2015-3176 CVE-2015-3175 CVE-2015-3174 |
| CWE-ID | CWE-264 CWE-200 CWE-79 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU40730
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3181
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restrictions by using web services to perform uploads after this capability has been revoked.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49994
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74728
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313688
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU40731
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3179
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74725
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU40732
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3180
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49788
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74729
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313687
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU40733
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3178
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in the external_format_text function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49718
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74726
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313685
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU40734
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3177
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe capability before entering subscriptions to site-wide event-monitor rules, which allows remote authenticated users to obtain sensitive information via a subscription request.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.8 - 2.8.5
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50039
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74721
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313684
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU40735
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3176
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote attackers to obtain sensitive full-name information by attempting to self-register.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50099
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74644
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU40736
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3175
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74720
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313682
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Cross-site scripting
EUVDB-ID: #VU40737
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3174
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.5 - 2.8.5
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.8.5:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941
https://openwall.com/lists/oss-security/2015/05/18/1
https://www.securityfocus.com/bid/74719
https://www.securitytracker.com/id/1032358
https://moodle.org/mod/forum/discuss.php?d=313681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
