admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 17:51:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-32xx/CVE-2015-3272.json

253 lines
9.3 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2015-3272",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-02-22T05:59:00.117",
"lastModified": "2020-12-01T14:54:45.183",
"vulnStatus": "Modified",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/601.html\">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en la funci\u00f3n clean_param en lib/moodlelib.php en Moodle hasta la versi\u00f3n 2.6.11, 2.7.x en versiones anteriores a 2.7.9, 2.8.x en versiones anteriores a 2.8.7 y 2.9.x en versiones anteriores a 2.9.1 permite a atacantes remotos redirigir usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a trav\u00e9s de vectores que implican una cabecera HTTP Referer que tiene una subcadena coincidente con una URL local."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05112EC5-3AAA-499B-8763-345187529C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71407960-077B-4407-B249-789436687D91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72728F94-D408-4CAD-A214-800B1D1C7971"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33C1E9B5-6B2B-4230-92F2-EC0FB307ECF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6925A366-37EB-41ED-85C8-B56D6A93D4EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6400F9D-9654-444F-9EBB-0F73025AD744"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "66ED87A3-8237-4182-BEF5-052346067737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "57441C51-2ADB-48B9-A655-82D6B1071C26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D7276-415B-4394-8CBE-53EB40B8C5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "65CA6C47-3E85-4639-9E04-E9E63D0CED06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "105490A4-7F97-467C-9015-069CE25980EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E051AAC-EB40-491F-AF0E-EE8143C12567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FADBE87F-1855-453B-B958-0CB8A7908A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B53A7D2-BDA2-4185-97C3-977A04876A37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A51DFFA8-DFF0-429C-B697-F82F41621FEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "19FD1565-0DA1-4BA8-A501-86F13D3D29ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6D82CFE8-C38D-4FF3-BC4F-6C27AD64D9A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FEB754AF-3DA4-4459-A53B-3BC7B78CE313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F57E8383-C3F3-480C-B9A9-49633DAAEC18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "645E8B7B-1AE6-4F46-AFA9-7506685CD571"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12737AF4-B2D5-4661-B06A-6A06FE95EC2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88C59A94-D225-478A-B23E-41C4324BC643"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "192EA69B-A1E1-4E0D-8E73-76EB74CCDE49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D88385B1-EEFB-4825-BD8F-215C39FD86DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BE2782-D167-4237-B57D-2E4C04571524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F277F979-12FA-47A5-B0A5-D174C2127A7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "38498617-8E45-4E73-AE9F-C7A0D18FDE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9224D94-1C48-468C-A39B-B2694ED178F4"
}
]
}
]
}
],
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688",
"source": "secalert@redhat.com"
},
{
"url": "http://openwall.com/lists/oss-security/2015/07/13/2",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id/1032877",
"source": "secalert@redhat.com"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=316662",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink