2017-10-16 12:31:07 -04:00
{
2019-03-18 02:48:52 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2011-4288" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-18 02:48:52 +00:00
"lang" : "eng" ,
"value" : "Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role."
2017-10-16 12:31:07 -04:00
}
2019-03-18 02:48:52 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update" ,
"refsource" : "MLIST" ,
"url" : "http://openwall.com/lists/oss-security/2011/11/14/1"
} ,
{
"name" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=79c6e3a0968ee1fedcf8a1f14f8086fcd9dbd3f6" ,
"refsource" : "CONFIRM" ,
"url" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=79c6e3a0968ee1fedcf8a1f14f8086fcd9dbd3f6"
} ,
{
"name" : "http://moodle.org/mod/forum/discuss.php?d=175590" ,
"refsource" : "CONFIRM" ,
"url" : "http://moodle.org/mod/forum/discuss.php?d=175590"
}
]
}
}
