Lucene search
HistoryApr 29, 2010 - 9:30 p.m.
CVE-2010-1616
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
50.4%
Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
Affected configurations
Node
moodlemoodleMatch1.8.1
ORmoodlemoodleMatch1.8.2
ORmoodlemoodleMatch1.8.3
ORmoodlemoodleMatch1.8.4
ORmoodlemoodleMatch1.8.5
ORmoodlemoodleMatch1.8.6
ORmoodlemoodleMatch1.8.7
ORmoodlemoodleMatch1.8.8
ORmoodlemoodleMatch1.8.9
ORmoodlemoodleMatch1.8.10
ORmoodlemoodleMatch1.8.11
ORmoodlemoodleMatch1.9.1
ORmoodlemoodleMatch1.9.2
ORmoodlemoodleMatch1.9.3
ORmoodlemoodleMatch1.9.4
ORmoodlemoodleMatch1.9.5
ORmoodlemoodleMatch1.9.6
ORmoodlemoodleMatch1.9.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | 1.8.1 | cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.2 | cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.3 | cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.4 | cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.5 | cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.6 | cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.7 | cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.8 | cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.9 | cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:* |
| moodle | moodle | 1.8.10 | cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:* |
Related
github
github
Moodle is vulnerable to unauthorized new accounts creation
2022-05-13 01:13:08
cvelist
cvelist
CVE-2010-1616
2010-04-29 21:00:00
osv
osv
Moodle is vulnerable to unauthorized new accounts creation
2022-05-13 01:13:08
moodle - several vulnerabilities
2010-09-29 00:00:00
prion
prion
Security feature bypass
2010-04-29 21:30:00
ubuntucve
ubuntucve
CVE-2010-1616
2010-04-29 00:00:00
cve
cve
CVE-2010-1616
2010-04-29 21:30:00
openvas
openvas
Moodle Session Fixation Vulnerability
2010-05-19 00:00:00
Moodle Session Fixation Vulnerability
2010-05-19 00:00:00
Moodle 1.8.x < 1.8.12, 1.9.x < 1.9.8 Multiple Vulnerabilities
2010-04-12 00:00:00
nessus
nessus
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
Debian DSA-2115-1 : moodle - several vulnerabilities
2010-10-06 00:00:00
debian
debian
[SECURITY] [DSA-2115-2] New moodle packages fix several vulnerabilities
2010-10-11 05:18:06
[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities
2010-09-29 21:04:56
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
50.4%
Related for NVD:CVE-2010-1616