PT-2019-6739 · Moodle · Moodle

Andrea Bicciolo

Publicado

2019-11-14

Atualizado

2022-04-23

CVE-2012-1157

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Moodle versions prior to 2.2.2

Description The issue concerns default repository settings, where all repositories are viewable by all authenticated users due to a default capabilities issue. This allows unauthorized access to repository content.

Recommendations For versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to repositories by adjusting the default settings to limit visibility to authorized users only.

Correção

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2012-1157

GHSA-2X36-7XFM-PGM7

Produtos afetados

Moodle

PT-2019-6739 · Moodle · Moodle

CVE-2012-1157

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13