Lucene search
GoogleOSV:CVE-2020-25701HistoryNov 19, 2020 - 5:15 p.m.
CVE-2020-25701
2020-11-1917:15:12
Google
osv.dev
8
moodle
unauthorized access
vulnerability
If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.
References
bugzilla.redhat.com/show_bug.cgi?id=1895432
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413939
Related
nvd
nvd
CVE-2020-25701
2020-11-19 17:15:12
github
github
Privilage Escalation in moodle
2021-03-29 20:42:55
veracode
veracode
Privilege Escalation
2020-11-20 03:33:25
osv
osv
Privilage Escalation in moodle
2021-03-29 20:42:55
BIT-moodle-2020-25701
2024-03-06 11:11:31
cve
cve
CVE-2020-25701
2020-11-19 17:15:12
ubuntucve
ubuntucve
CVE-2020-25701
2020-11-19 00:00:00
prion
prion
Design/Logic Flaw
2020-11-19 17:15:00
cvelist
cvelist
CVE-2020-25701
2020-11-19 16:10:53
openvas
openvas
Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities
2020-11-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-304aa2c365)
2020-11-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-db73e37548)
2020-11-28 00:00:00
nessus
nessus
Fedora 32 : moodle (2020-db73e37548)
2020-11-30 00:00:00
Fedora 33 : moodle (2020-304aa2c365)
2020-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: moodle-3.9.3-1.fc33
2020-11-28 02:04:40
[SECURITY] Fedora 32 Update: moodle-3.8.6-1.fc32
2020-11-28 02:10:53