Lucene search
Ubuntu.comUB:CVE-2013-1830HistoryMar 11, 2013 - 12:00 a.m.
CVE-2013-1830
2013-03-1100:00:00
ubuntu.com
ubuntu.com
11
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
71.7%
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before
2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles
setting, which allows remote attackers to obtain sensitive course-profile
information by leveraging the guest role, as demonstrated by a Google
search.
Notes
| Author | Note |
|---|---|
| seth-arnold | MSA-13-0012 |
Related
prion
prion
Code injection
2013-03-25 21:55:00
osv
osv
Moodle does not enforce the forceloginforprofiles setting
2022-05-13 01:12:57
nvd
nvd
CVE-2013-1830
2013-03-25 21:55:02
github
github
Moodle does not enforce the forceloginforprofiles setting
2022-05-13 01:12:57
cvelist
cvelist
CVE-2013-1830
2013-03-25 21:00:00
cve
cve
CVE-2013-1830
2013-03-25 21:55:02
veracode
veracode
Information Disclosure
2017-07-20 09:14:41
nessus
nessus
Fedora 18 : moodle-2.3.6-1.fc18 (2013-4387)
2013-04-03 00:00:00
Fedora 17 : moodle-2.2.9-1.fc17 (2013-4404)
2013-04-03 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4404
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: moodle-2.2.9-1.fc17
2013-04-03 04:26:27
[SECURITY] Fedora 18 Update: moodle-2.3.6-1.fc18
2013-04-03 04:44:25
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
71.7%
Related for UB:CVE-2013-1830