9.8
CVE-2022-30600
- EPSS 3.93%
- Veröffentlicht 18.05.2022 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:03:00
- Quelle patrick@puiterwijk.org
- Teams Watchlist Login
- Unerledigt Login
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version8.0 SwEdition-
Fedoraproject ≫ Fedora Version34
Fedoraproject ≫ Fedora Version35
Fedoraproject ≫ Fedora Version36
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.93% | 0.878 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-682 Incorrect Calculation
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.