CVE-2012-1155: Infoleak
First published: Thu Nov 14 2019(Updated: )
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/moodle | ||
| Moodle Moodle | >=1.9<1.9.17 | |
| Moodle Moodle | >=2.0<2.0.8 | |
| Moodle Moodle | >=2.1<2.1.5 | |
| Moodle Moodle | >=2.2<2.2.2 | |
| Fedoraproject Fedora | =15 | |
| Fedoraproject Fedora | =16 | |
| Fedoraproject Fedora | =17 | |
| Redhat Enterprise Linux | =6.0 | |
| Debian Debian Linux | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html
- https://access.redhat.com/security/cve/cve-2012-1155
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155
- https://moodle.org/mod/forum/discuss.php?d=198621
- https://security-tracker.debian.org/tracker/CVE-2012-1155
Frequently Asked Questions
What is CVE-2012-1155?
CVE-2012-1155 is a vulnerability in Moodle that allows the export function of the database activity module to export all entries, including those from groups the user does not belong to.
What is the severity of CVE-2012-1155?
CVE-2012-1155 has a severity rating of 7.5 (High).
Which software is affected by CVE-2012-1155?
CVE-2012-1155 affects Moodle versions 1.9 to 2.2, as well as Fedora 15-17, Red Hat Enterprise Linux 6.0, and Debian Linux 6.0.
How can I fix CVE-2012-1155?
To fix CVE-2012-1155, apply the necessary security patches and updates provided by the respective vendors for Moodle, Fedora, Red Hat Enterprise Linux, and Debian Linux.
Where can I find more information about CVE-2012-1155?
You can find more information about CVE-2012-1155 in the references provided: [1] https://security-tracker.debian.org/tracker/CVE-2012-1155 [2] http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html [3] http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/moodle
- canonical/moodle moodle
- version/moodle moodle/1.9
- version/moodle moodle/2.0
- version/moodle moodle/2.1
- version/moodle moodle/2.2
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/15
- version/fedoraproject fedora/16
- version/fedoraproject fedora/17
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/6.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/6.0
- package-manager/debian