4.3

CVE-2016-8643

In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.

Data is provided by the National Vulnerability Database (NVD)
MoodleMoodle Version <= 2.7.16
MoodleMoodle Version2.8.0
MoodleMoodle Version2.8.1
MoodleMoodle Version2.8.2
MoodleMoodle Version2.8.3
MoodleMoodle Version2.8.4
MoodleMoodle Version2.8.5
MoodleMoodle Version2.8.6
MoodleMoodle Version2.8.7
MoodleMoodle Version2.8.8
MoodleMoodle Version2.8.9
MoodleMoodle Version2.8.10
MoodleMoodle Version2.8.11
MoodleMoodle Version2.8.12
MoodleMoodle Version2.9.0
MoodleMoodle Version2.9.1
MoodleMoodle Version2.9.2
MoodleMoodle Version2.9.3
MoodleMoodle Version2.9.4
MoodleMoodle Version2.9.5
MoodleMoodle Version2.9.6
MoodleMoodle Version2.9.7
MoodleMoodle Version2.9.8
MoodleMoodle Version3.0.0
MoodleMoodle Version3.0.1
MoodleMoodle Version3.0.2
MoodleMoodle Version3.0.3
MoodleMoodle Version3.0.4
MoodleMoodle Version3.0.5
MoodleMoodle Version3.0.6
MoodleMoodle Version3.1.0
MoodleMoodle Version3.1.1
MoodleMoodle Version3.1.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.19% 0.412
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:P/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.securityfocus.com/bid/94457
Third Party Advisory
VDB Entry