PT-2024-8617 · Moodle+2 · Moodle+2

Robert Schrenk

Published

2024-08-19

Updated

2025-05-02

CVE-2024-43435

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions moodle (affected versions not specified)

Description A flaw was found in the moodle virtual learning environment related to insufficient capability checks. This issue makes it possible for users with access to restore glossaries in courses to restore them into the global site glossary, potentially allowing a remote attacker to compromise the target system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-754

Related Identifiers

ALT-PU-2024-16385

ALT-PU-2024-16417

BDU:2024-10191

BIT-MOODLE-2024-43435

CVE-2024-43435

GHSA-4GQ2-X5W4-7HP8

Affected Products

Alt Linux

Red Os

Moodle

PT-2024-8617 · Moodle+2 · Moodle+2

CVE-2024-43435

Weakness Enumeration

Related Identifiers

Affected Products

References · 17