Lucene search

FreeBSDAB02F981-AB9E-11E6-AE1B-002590263BF5

HistorySep 12, 2016 - 12:00 a.m.

moodle -- multiple vulnerabilities

2016-09-1200:00:00

vuxml.freebsd.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

36.5%

JSON

Marina Glancy reports:

MSA-16-0022: Web service tokens should be invalidated when
the user password is changed or forced to be changed.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchmoodle29< 2.9.8UNKNOWN
FreeBSDanynoarchmoodle30< 3.0.6UNKNOWN
FreeBSDanynoarchmoodle31< 3.1.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	moodle29	< 2.9.8	UNKNOWN
FreeBSD	any	noarch	moodle30	< 3.0.6	UNKNOWN
FreeBSD	any	noarch	moodle31	< 3.1.2	UNKNOWN

References

moodle.org/security/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

36.5%

JSON

Related for AB02F981-AB9E-11E6-AE1B-002590263BF5