CVE-2024-45689

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Moodle (affected versions not specified)

Description: A flaw was found in the dynamic tables of Moodle, where capability checks were not enforced, allowing users to retrieve information they did not have permission to access. This issue is related to insufficient access control in the core table/dynamic module of the virtual learning environment. The exploitation of this flaw can enable a remote attacker to gain unauthorized access to protected information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authorization

Information Disclosure

Improper Privilege Management

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-200CWE-269CWE-264CWE-862

Related Identifiers

ALT-PU-2024-16385

ALT-PU-2024-16417

BDU:2024-10437

BIT-MOODLE-2024-45689

CVE-2024-45689

GHSA-J822-X5GG-5R56

Affected Products

Alt Linux

Moodle

Red Os

CVE-2024-45689

Weakness Enumeration

Related Identifiers

Affected Products

References · 21