mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
83 lines
2.6 KiB
JSON
83 lines
2.6 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-3849",
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "[UNKNOWN]",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "moodle",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "3.6.3"
|
|
},
|
|
{
|
|
"version_value": "3.5.5"
|
|
},
|
|
{
|
|
"version_value": "3.4.8"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-285"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849",
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849",
|
|
"refsource": "CONFIRM"
|
|
},
|
|
{
|
|
"url": "https://moodle.org/mod/forum/discuss.php?d=384012#p1547744",
|
|
"refsource": "MISC",
|
|
"name": "https://moodle.org/mod/forum/discuss.php?d=384012#p1547744"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
[
|
|
{
|
|
"vectorString": "6.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
|
"version": "3.0"
|
|
}
|
|
]
|
|
]
|
|
}
|
|
} |