2024-11-20 13:03:31 +00:00
{
"id" : "CVE-2024-48899" ,
"sourceIdentifier" : "patrick@puiterwijk.org" ,
"published" : "2024-11-20T11:15:05.563" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T13:57:24.187" ,
"vulnStatus" : "Awaiting Analysis" ,
2024-11-20 13:03:31 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to."
2024-11-20 21:03:33 +00:00
} ,
{
"lang" : "es" ,
"value" : "Se encontr\u00f3 una vulnerabilidad en Moodle. Se requieren verificaciones adicionales para garantizar que los usuarios solo puedan obtener la lista de credenciales de los cursos a los que se les pretende dar acceso."
2024-11-20 13:03:31 +00:00
}
] ,
2024-11-20 21:03:33 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "134c704f-9b21-4f2e-91b3-4a467353bcc0" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.3 ,
"baseSeverity" : "MEDIUM" ,
2024-11-20 21:03:33 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2024-11-20 21:03:33 +00:00
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 1.4
}
]
} ,
2024-11-20 13:03:31 +00:00
"weaknesses" : [
{
"source" : "patrick@puiterwijk.org" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-284"
}
]
}
] ,
"references" : [
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2318819" ,
"source" : "patrick@puiterwijk.org"
}
]
}
