Lucene search
HistoryJul 20, 2012 - 10:40 a.m.
CVE-2011-4592
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
64.7%
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Affected configurations
Node
moodlemoodleMatch2.0.0
ORmoodlemoodleMatch2.0.1
ORmoodlemoodleMatch2.0.2
ORmoodlemoodleMatch2.0.3
ORmoodlemoodleMatch2.0.4
ORmoodlemoodleMatch2.0.5
Node
moodlemoodleMatch2.1.0
ORmoodlemoodleMatch2.1.1
ORmoodlemoodleMatch2.1.2
Related
cvelist
cvelist
CVE-2011-4592
2012-07-20 10:00:00
cve
cve
CVE-2011-4592
2012-07-20 10:40:36
ubuntucve
ubuntucve
CVE-2011-4592
2012-07-20 00:00:00
prion
prion
Command injection
2012-07-20 10:40:00
fedora
fedora
[SECURITY] Fedora 16 Update: moodle-2.0.6-1.fc16
2011-12-21 17:11:48
[SECURITY] Fedora 15 Update: moodle-1.9.15-1.fc15
2011-12-21 17:10:35
openvas
openvas
Fedora Update for moodle FEDORA-2011-16833
2012-04-02 00:00:00
Fedora Update for moodle FEDORA-2011-16903
2011-12-23 00:00:00
Fedora Update for moodle FEDORA-2011-16833
2012-04-02 00:00:00
nessus
nessus
Fedora 15 : moodle-1.9.15-1.fc15 (2011-16903)
2011-12-22 00:00:00
Fedora 16 : moodle-2.0.6-1.fc16 (2011-16833)
2011-12-22 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
64.7%
Related for NVD:CVE-2011-4592