CVE-2022-35650 - OpenCVE

The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Moodle	Moodle

Configuration 1 [-]

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*

No data.

References

Link	Providers
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029
https://bugzilla.redhat.com/show_bug.cgi?id=2106274
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/
https://moodle.org/mod/forum/discuss.php?d=436457

History

No history.

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2022-07-25T15:29:06

Updated: 2024-08-03T09:36:44.416Z

Reserved: 2022-07-12T00:00:00

Link: CVE-2022-35650

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-07-25T16:15:08.350

Modified: 2023-11-07T03:49:19.940

Link: CVE-2022-35650

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Moodle", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in moodle 4.0.2, moodle 3.11.8, moodle 3.9.15"}]}], "descriptions": [{"lang": "en", "value": "The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-27T04:06:14", "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106274"}, {"tags": ["x_refsource_MISC"], "url": "https://moodle.org/mod/forum/discuss.php?d=436457"}, {"tags": ["x_refsource_MISC"], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029"}, {"name": "FEDORA-2022-81ce74b2dd", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/"}, {"name": "FEDORA-2022-7e7ce7df2e", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "patrick@puiterwijk.org", "ID": "CVE-2022-35650", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Moodle", "version": {"version_data": [{"version_value": "Fixed in moodle 4.0.2, moodle 3.11.8, moodle 3.9.15"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2106274", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106274"}, {"name": "https://moodle.org/mod/forum/discuss.php?d=436457", "refsource": "MISC", "url": "https://moodle.org/mod/forum/discuss.php?d=436457"}, {"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029", "refsource": "MISC", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029"}, {"name": "FEDORA-2022-81ce74b2dd", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/"}, {"name": "FEDORA-2022-7e7ce7df2e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:36:44.416Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106274"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://moodle.org/mod/forum/discuss.php?d=436457"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029"}, {"name": "FEDORA-2022-81ce74b2dd", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/"}, {"name": "FEDORA-2022-7e7ce7df2e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/"}]}]}, "cveMetadata": {"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "cveId": "CVE-2022-35650", "datePublished": "2022-07-25T15:29:06", "dateReserved": "2022-07-12T00:00:00", "dateUpdated": "2024-08-03T09:36:44.416Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B77A5BD-2E62-402E-91AE-123454C5C5C6", "versionEndExcluding": "3.9.15", "versionStartIncluding": "3.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "EED9C096-FAE5-4206-B901-1D2EDD67AE7B", "versionEndExcluding": "3.11.8", "versionStartIncluding": "3.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D35119B-0B9B-4247-92F6-B788841A36F6", "versionEndExcluding": "4.0.2", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default."}, {"lang": "es", "value": "La vulnerabilidad se encontr\u00f3 en Moodle, es producido debido a un error de comprobaci\u00f3n de entrada cuando son importadas las preguntas de las lecciones. Esta comprobaci\u00f3n insuficiente de la ruta resulta en un riesgo de lectura arbitraria de archivos. Esta vulnerabilidad permite a un atacante remoto llevar a cabo ataques de salto de directorio. La capacidad de acceder a esta funci\u00f3n s\u00f3lo est\u00e1 disponible por defecto para profesores, manejadores y administradores"}], "id": "CVE-2022-35650", "lastModified": "2023-11-07T03:49:19.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-25T16:15:08.350", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029"}, {"source": "patrick@puiterwijk.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106274"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/"}, {"source": "patrick@puiterwijk.org", "tags": ["Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=436457"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}]}