PT-2023-32170 · Moodle+7 · Moodle+6

Erica Bithell

Publicado

2023-11-09

Atualizado

2024-03-06

CVE-2023-5549

CVSS v3.1

3.3

Baixa

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue is related to insufficient web service capability checks. This allowed users to move categories they had permission to manage to a parent category they did not have the capability to manage. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-269

Identificadores relacionados

BIT-MOODLE-2023-5549

CVE-2023-5549

GHSA-FM5H-58G2-4M3F

Produtos afetados

Moodle

Ckeditor4

Extra Packages For Enterprise Linux

Fedora

Moodle/Moodle

Upx

Wireshark

PT-2023-32170 · Moodle+7 · Moodle+6

CVE-2023-5549

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14