Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2022-0334

UNKNOWN
Published 2022-01-25T19:11:11
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-0334. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

Insufficient user authorization in Moodle

GHSA-93pj-4p65-qmr9

Advisory Details

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.

Affected Packages

Packagist moodle/moodle
ECOSYSTEM: ≥3.11 <3.11.5
Packagist moodle/moodle
ECOSYSTEM: ≥3.10 <3.10.8
Packagist moodle/moodle
ECOSYSTEM: ≥0 <3.9.11

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-0334
WEB https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84
WEB https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2043664
WEB https://moodle.org/mod/forum/discuss.php?d=431102

Advisory provided by GitHub Security Advisory Database. Published: January 28, 2022, Modified: February 2, 2022

References

https://bugzilla.redhat.com/show_bug.cgi?id=2043664
https://moodle.org/mod/forum/discuss.php?d=431102
Published: 2022-01-25T19:11:11
Last Modified: 2024-08-02T23:25:40.135Z
Copied to clipboard!