CVE-2024-38275 - Vulnerability Details - OpenCVE

The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00546.

Exploitation none

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Moodle

Moodle

unaffected

Version	Status	Constraints
`4.4`	affected	—
`4.3`	affected	≤ 4.3.4
`4.2`	affected	≤ 4.2.7
`4.1`	affected	≤ 4.1.10

Configuration 1 [-]

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle:4.4.0:::::::*

No data.

No data.

Subscriptions

Vendors	Products
Moodle Subscribe	Moodle Subscribe

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-p2cj-86v4-7782	Moodle HTTP authorization header is preserved between "emulated redirects"

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://moodle.org/mod/forum/discuss.php?d=459500

History

Thu, 01 May 2025 00:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-459
CPEs		cpe:2.3:a:moodle:moodle::::::::

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2024-06-18T19:49:26.986Z

Updated: 2024-08-02T04:04:25.068Z

Reserved: 2024-06-12T14:08:44.047Z

Link: CVE-2024-38275

Vulnrichment

Updated: 2024-07-02T13:43:48.130Z

NVD

Status : Analyzed

Published: 2024-06-18T20:15:13.970

Modified: 2025-04-30T23:35:59.790

Link: CVE-2024-38275

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38275", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "state": "PUBLISHED", "assignerShortName": "fedora", "dateReserved": "2024-06-12T14:08:44.047Z", "datePublished": "2024-06-18T19:49:26.986Z", "dateUpdated": "2024-08-02T04:04:25.068Z"}, "containers": {"cna": {"title": "moodle: HTTP authorization header is preserved between \"emulated redirects\"", "datePublic": "2024-06-18T17:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-226", "description": "CWE-226", "type": "CWE"}]}], "affected": [{"vendor": "Moodle", "product": "Moodle", "versions": [{"status": "affected", "version": "4.4", "versionType": "semver"}, {"status": "affected", "version": "4.3", "lessThanOrEqual": "4.3.4", "versionType": "semver"}, {"status": "affected", "version": "4.2", "lessThanOrEqual": "4.2.7", "versionType": "semver"}, {"status": "affected", "version": "4.1", "lessThanOrEqual": "4.1.10", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<pre>The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.</pre><br>"}]}], "references": [{"url": "https://moodle.org/mod/forum/discuss.php?d=459500"}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-06-18T19:49:26.986Z"}}, "adp": [{"affected": [{"vendor": "moodle", "product": "moodle", "cpes": ["cpe:2.3:a:moodle:moodle:4.1.0:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.1.0", "status": "affected", "lessThanOrEqual": "4.1.10", "versionType": "custom"}]}, {"vendor": "moodle", "product": "moodle", "cpes": ["cpe:2.3:a:moodle:moodle:4.2.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.2.0", "status": "affected", "lessThanOrEqual": "4.2.7", "versionType": "custom"}]}, {"vendor": "moodle", "product": "moodle", "cpes": ["cpe:2.3:a:moodle:moodle:4.3.0:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.3.0", "status": "affected", "lessThanOrEqual": "4.3.4", "versionType": "custom"}]}, {"vendor": "moodle", "product": "moodle", "cpes": ["cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.1", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-02T13:36:09.482006Z", "id": "CVE-2024-38275", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T19:52:54.464Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:04:25.068Z"}, "title": "CVE Program Container", "references": [{"url": "https://moodle.org/mod/forum/discuss.php?d=459500", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-38275", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-02T13:36:09.482006Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:moodle:moodle:4.1.0:-:*:*:*:*:*:*"], "vendor": "moodle", "product": "moodle", "versions": [{"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.1.10"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:moodle:moodle:4.2.0:*:*:*:*:*:*:*"], "vendor": "moodle", "product": "moodle", "versions": [{"status": "affected", "version": "4.2.0", "versionType": "custom", "lessThanOrEqual": "4.2.7"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:moodle:moodle:4.3.0:-:*:*:*:*:*:*"], "vendor": "moodle", "product": "moodle", "versions": [{"status": "affected", "version": "4.3.0", "versionType": "custom", "lessThanOrEqual": "4.3.4"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*"], "vendor": "moodle", "product": "moodle", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T13:43:48.130Z"}}], "cna": {"title": "moodle: HTTP authorization header is preserved between \"emulated redirects\"", "affected": [{"vendor": "Moodle", "product": "Moodle", "versions": [{"status": "affected", "version": "4.4", "versionType": "semver"}, {"status": "affected", "version": "4.3", "versionType": "semver", "lessThanOrEqual": "4.3.4"}, {"status": "affected", "version": "4.2", "versionType": "semver", "lessThanOrEqual": "4.2.7"}, {"status": "affected", "version": "4.1", "versionType": "semver", "lessThanOrEqual": "4.1.10"}], "defaultStatus": "unaffected"}], "datePublic": "2024-06-18T17:00:00.000Z", "references": [{"url": "https://moodle.org/mod/forum/discuss.php?d=459500"}], "descriptions": [{"lang": "en", "value": "The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.", "supportingMedia": [{"type": "text/html", "value": "<pre>The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.</pre><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-226", "description": "CWE-226"}]}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-06-18T19:49:26.986Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38275", "state": "PUBLISHED", "dateUpdated": "2024-07-02T19:52:54.464Z", "dateReserved": "2024-06-12T14:08:44.047Z", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "datePublished": "2024-06-18T19:49:26.986Z", "assignerShortName": "fedora"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABC3A60E-A580-462D-9C0B-73BD92B4F5F8", "versionEndExcluding": "4.1.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EF79A9A-E117-44AF-BA6B-DC9620FDA8CE", "versionEndExcluding": "4.2.8", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E990456-42CD-4B17-8A62-1F2ACF3B0678", "versionEndExcluding": "4.3.5", "versionStartIncluding": "4.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "23575814-D590-4CDA-880B-E7214A53D7F5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs."}, {"lang": "es", "value": "El contenedor cURL en Moodle retuvo los encabezados de solicitud originales al seguir redirecciones, por lo que la informaci\u00f3n del encabezado de autorizaci\u00f3n HTTP podr\u00eda enviarse involuntariamente en solicitudes para redireccionar URL."}], "id": "CVE-2024-38275", "lastModified": "2025-04-30T23:35:59.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-06-18T20:15:13.970", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=459500"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=459500"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-226"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-459"}], "source": "nvd@nist.gov", "type": "Primary"}]}