admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 17:51:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-435xx/CVE-2021-43560.json

165 lines
4.9 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2021-43560",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2021-11-22T16:15:08.337",
"lastModified": "2022-12-21T15:01:19.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en Moodle en versiones 3.11 hasta 3.11.3, versiones 3.10 hasta 3.10.7, versiones 3.9 hasta 3.9.10 y versiones anteriores no soportadas. Las comprobaciones de capacidad insuficientes permit\u00edan conseguir los eventos de acci\u00f3n del calendario de otros usuarios"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.8.8",
"matchCriteriaId": "4217FD61-6104-4E75-9682-5B062DAE8F07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.11",
"matchCriteriaId": "5A89EE08-E6AB-44F3-8FC1-16888828FA39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.10.0",
"versionEndExcluding": "3.10.8",
"matchCriteriaId": "263E6DFA-1E01-4254-BFB8-DFFB2D9976EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11.0",
"versionEndExcluding": "3.11.4",
"matchCriteriaId": "9B915A05-16EC-43E4-9B4B-BCD5E5E1ABBF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9C7598-4BB4-442A-86DF-EEDE041A4CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021519",
"source": "patrick@puiterwijk.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=429100",
"source": "patrick@puiterwijk.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink