Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2019-14829 CVE-2019-14828 CVE-2019-14827 CVE-2019-14830 CVE-2019-14831 |
| CWE-ID | CWE-477 CWE-264 CWE-79 CWE-601 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Use of Obsolete Function
EUVDB-ID: #VU21134
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: N/A
CWE-ID:
CWE-477 - Use of Obsolete Function
Exploit availability: No
DescriptionInstall updates from vendor's website.
Vulnerable software versionsMoodle: 3.5.0 beta - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391032
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU21133
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-14829
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to the activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode. A remote authenticated user can gain access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 2.3.7 - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391035
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU21132
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-14828
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges within the application.
The vulnerability exists due to software assigns teacher privileges by default to users that create courses. A remote authenticated user can gain unauthorized access to courses.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMoodle: 3.5.0 beta - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391031
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU21129
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-14827
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the Mustache templates via recursive rendering from contexts. A remote authenticated attacker can use Mustache helper tags to execute arbitrary JavaScript code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 3.5.0 beta - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391030
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Open redirect
EUVDB-ID: #VU21128
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-14830
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data in mobile launch endpoint. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to reveal mobile access tokens.
Note: This does not affect sites with a forced URL scheme configured, mobile service disabled, or where the mobile app login method is "via the app".
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 3.5.0 beta - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391036
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Open redirect
EUVDB-ID: #VU21127
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-14831
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data passed via forum subscribe link, if forced subscription mode is enabled. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 3.5.0 beta - 3.7.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:3.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:3.7.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=391037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
