icon

We found results for “

CVE-2011-4587

Good to know:

icon

Date: July 20, 2012

lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable blank passwords.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Credentials Management

CWE-255

Top Fix

icon

Upgrade Version

Upgrade to version v1.9.15,v2.0.6,v2.1.3

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us