OpenCVE

Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Moodle	Moodle

Configuration 1 [-]

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:15:::::::*
	cpe:2.3:o:fedoraproject:fedora:16:::::::*
	cpe:2.3:o:fedoraproject:fedora:17:::::::*

No data.

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
https://access.redhat.com/security/cve/cve-2012-1169
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169
https://moodle.org/mod/forum/discuss.php?d=198625
https://security-tracker.debian.org/tracker/CVE-2012-1169

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-11-14T16:26:14

Updated: 2024-08-06T18:53:35.717Z

Reserved: 2012-02-14T00:00:00

Link: CVE-2012-1169

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-11-14T17:15:12.973

Modified: 2024-11-21T01:36:34.917

Link: CVE-2012-1169

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Moodle", "vendor": "Moodle", "versions": [{"status": "affected", "version": "2.2 to 2.2.1+"}, {"status": "affected", "version": "2.1 to 2.1.4+"}, {"status": "affected", "version": "2.0 to 2.0.7+"}]}], "descriptions": [{"lang": "en", "value": "Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs."}], "problemTypes": [{"descriptions": [{"description": "UNKNOWN_TYPE", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-14T16:26:14", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"}, {"tags": ["x_refsource_MISC"], "url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/cve-2012-1169"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://moodle.org/mod/forum/discuss.php?d=198625"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:53:35.717Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/cve-2012-1169"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://moodle.org/mod/forum/discuss.php?d=198625"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1169", "datePublished": "2019-11-14T16:26:14", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:53:35.717Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B540235-AD20-48B5-9F07-A6899AF88F9B", "versionEndExcluding": "2.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*", "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs."}, {"lang": "es", "value": "Moodle versiones anteriores a la versi\u00f3n 2.2.2, tiene una divulgaci\u00f3n de informaci\u00f3n personal, cuando la configuraci\u00f3n administrativa de la visualizaci\u00f3n del nombre de los usuarios es establecida con el nombre solo se muestran los nombres completos en las rutas de navegaci\u00f3n de la p\u00e1gina."}], "id": "CVE-2012-1169", "lastModified": "2024-11-21T01:36:34.917", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-14T17:15:12.973", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "https://access.redhat.com/security/cve/cve-2012-1169"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=198625"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://access.redhat.com/security/cve/cve-2012-1169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=198625"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2012-1169"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}