PT-2018-10126 · Moodle · Moodle

Helen Foster

Publicado

2018-04-04

Atualizado

2022-05-13

CVE-2018-1082

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Moodle versions 3.3 through 3.3.4 Moodle versions 3.4 through 3.4.1

Description A flaw was found in the authentication process. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.

Recommendations For Moodle versions 3.3 through 3.3.4, update to a version that fixes this issue. For Moodle versions 3.4 through 3.4.1, update to a version that fixes this issue.

Correção

Improper Authorization

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285CWE-287

Identificadores relacionados

CVE-2018-1082

GHSA-QH8M-6G4P-33H3

Produtos afetados

Moodle

PT-2018-10126 · Moodle · Moodle

CVE-2018-1082

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11