CVE-2012-1168

Published: Nov 14, 2019Modified: Nov 21, 2024

8.2

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

Exploitability: 3.9 / Impact: 4.2

Source: NVD

Description

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

Affected (5)

Products: Moodle: Moodle · Fedoraproject: Fedora · Redhat: Enterprise Linux

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Before 2.2.2

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 15
Fedoraproject Fedora	Version 16
Fedoraproject Fedora	Version 17

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://access.redhat.com/security/cve/cve-2012-1168

Source: secalert@redhat.com

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://moodle.org/mod/forum/discuss.php?d=198622

Source: secalert@redhat.com

Vendor Advisory

https://security-tracker.debian.org/tracker/CVE-2012-1168

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://access.redhat.com/security/cve/cve-2012-1168

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://moodle.org/mod/forum/discuss.php?d=198622

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://security-tracker.debian.org/tracker/CVE-2012-1168

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.