A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.
History

Tue, 12 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Moodle
Moodle moodle
Weaknesses CWE-754
CPEs cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
Vendors & Products Moodle
Moodle moodle
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 11 Nov 2024 12:30:00 +0000

Type Values Removed Values Added
Description A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.
Title Moodle: can create global glossary without being admin
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2024-11-11T12:17:26.812Z

Updated: 2024-11-12T15:01:08.757Z

Reserved: 2024-08-13T07:15:00.598Z

Link: CVE-2024-43435

cve-icon Vulnrichment

Updated: 2024-11-12T14:58:56.975Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-11T13:15:04.580

Modified: 2024-11-12T15:35:09.300

Link: CVE-2024-43435

cve-icon Redhat

No data.