admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-32xx/CVE-2015-3272.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

272 lines
9.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-3272",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-02-22T05:59:00.117",
"lastModified": "2024-11-21T02:29:02.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en la funci\u00f3n clean_param en lib/moodlelib.php en Moodle hasta la versi\u00f3n 2.6.11, 2.7.x en versiones anteriores a 2.7.9, 2.8.x en versiones anteriores a 2.8.7 y 2.9.x en versiones anteriores a 2.9.1 permite a atacantes remotos redirigir usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a trav\u00e9s de vectores que implican una cabecera HTTP Referer que tiene una subcadena coincidente con una URL local."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"baseScore": 5.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05112EC5-3AAA-499B-8763-345187529C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71407960-077B-4407-B249-789436687D91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72728F94-D408-4CAD-A214-800B1D1C7971"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33C1E9B5-6B2B-4230-92F2-EC0FB307ECF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6925A366-37EB-41ED-85C8-B56D6A93D4EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6400F9D-9654-444F-9EBB-0F73025AD744"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "66ED87A3-8237-4182-BEF5-052346067737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "57441C51-2ADB-48B9-A655-82D6B1071C26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D7276-415B-4394-8CBE-53EB40B8C5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "65CA6C47-3E85-4639-9E04-E9E63D0CED06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "105490A4-7F97-467C-9015-069CE25980EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E051AAC-EB40-491F-AF0E-EE8143C12567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FADBE87F-1855-453B-B958-0CB8A7908A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B53A7D2-BDA2-4185-97C3-977A04876A37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A51DFFA8-DFF0-429C-B697-F82F41621FEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "19FD1565-0DA1-4BA8-A501-86F13D3D29ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6D82CFE8-C38D-4FF3-BC4F-6C27AD64D9A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FEB754AF-3DA4-4459-A53B-3BC7B78CE313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F57E8383-C3F3-480C-B9A9-49633DAAEC18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "645E8B7B-1AE6-4F46-AFA9-7506685CD571"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12737AF4-B2D5-4661-B06A-6A06FE95EC2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88C59A94-D225-478A-B23E-41C4324BC643"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "192EA69B-A1E1-4E0D-8E73-76EB74CCDE49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D88385B1-EEFB-4825-BD8F-215C39FD86DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BE2782-D167-4237-B57D-2E4C04571524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F277F979-12FA-47A5-B0A5-D174C2127A7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "38498617-8E45-4E73-AE9F-C7A0D18FDE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9224D94-1C48-468C-A39B-B2694ED178F4"
}
]
}
]
}
],
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688",
"source": "secalert@redhat.com"
},
{
"url": "http://openwall.com/lists/oss-security/2015/07/13/2",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id/1032877",
"source": "secalert@redhat.com"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=316662",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://openwall.com/lists/oss-security/2015/07/13/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id/1032877",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=316662",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
],
"evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/601.html\">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>"
}
Reference in New Issue View Git Blame Copy Permalink