CVE Vulnerabilities

CVE-2011-4592

Published: Jul 20, 2012 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle 2.0.2 2.0.2
Moodle Moodle 2.0.1 2.0.1
Moodle Moodle 2.0.4 2.0.4
Moodle Moodle 2.0.3 2.0.3
Moodle Moodle 2.0.5 2.0.5
Moodle Moodle 2.0.0 2.0.0

References