CVE Vulnerabilities

CVE-2024-45691

Published: Nov 20, 2024 | Modified: Jun 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to magic hash values.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle * 4.1.13 (excluding)
Moodle Moodle 4.2.0 (including) 4.2.10 (excluding)
Moodle Moodle 4.3.0 (including) 4.3.7 (excluding)
Moodle Moodle 4.4.0 (including) 4.4.3 (excluding)

References