What is the severity of CVE-2015-0215?

CVE-2015-0215 is classified as a medium severity vulnerability affecting Moodle.

How do I fix CVE-2015-0215?

To resolve CVE-2015-0215, upgrade to Moodle version 2.6.7, 2.7.4, or 2.8.2 or later.

Who is affected by CVE-2015-0215?

CVE-2015-0215 affects remote authenticated users of Moodle versions 2.5.0 through 2.8.0.

What type of vulnerability is CVE-2015-0215?

CVE-2015-0215 is an information disclosure vulnerability that allows users to access sensitive calendar-event information.

Can I still use older versions of Moodle with CVE-2015-0215?

Using older versions of Moodle impacted by CVE-2015-0215 is not recommended due to security risks.

Vulnerability/
CVE-2015-0215

medium

CWE

200

1/6/2015

13/5/2022

6/8/2024

CVE-2015-0215: Infoleak

First published: Mon Jun 01 2015(Updated: )

calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to obtain sensitive calendar-event information via a web-services request.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
composer/moodle/moodle	>=2.8.0<2.8.2	2.8.2
composer/moodle/moodle	>=2.7.0<2.7.4	2.7.4
composer/moodle/moodle	<2.6.7	2.6.7
Moodle	<=2.5.9
Moodle	=2.5.0
Moodle	=2.5.1
Moodle	=2.5.2
Moodle	=2.5.3
Moodle	=2.5.4
Moodle	=2.5.5
Moodle	=2.5.6
Moodle	=2.5.7
Moodle	=2.5.8
Moodle	=2.6.0
Moodle	=2.6.1
Moodle	=2.6.2
Moodle	=2.6.3
Moodle	=2.6.4
Moodle	=2.6.5
Moodle	=2.6.6
Moodle	=2.7.0
Moodle	=2.7.1
Moodle	=2.7.2
Moodle	=2.7.3
Moodle	=2.8.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0215?
CVE-2015-0215 is classified as a medium severity vulnerability affecting Moodle.
How do I fix CVE-2015-0215?
To resolve CVE-2015-0215, upgrade to Moodle version 2.6.7, 2.7.4, or 2.8.2 or later.
Who is affected by CVE-2015-0215?
CVE-2015-0215 affects remote authenticated users of Moodle versions 2.5.0 through 2.8.0.
What type of vulnerability is CVE-2015-0215?
CVE-2015-0215 is an information disclosure vulnerability that allows users to access sensitive calendar-event information.
Can I still use older versions of Moodle with CVE-2015-0215?
Using older versions of Moodle impacted by CVE-2015-0215 is not recommended due to security risks.

agent/type
collector/github-advisory-latest
source/GitHub
alias/GHSA-fr9m-pjmm-qx9f
alias/CVE-2015-0215
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/references
agent/description
agent/author
agent/softwarecombine
collector/github-advisory
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/composer
vendor/moodle
canonical/moodle
version/moodle/2.5.9
version/moodle/2.5.0
version/moodle/2.5.1
version/moodle/2.5.2
version/moodle/2.5.3
version/moodle/2.5.4
version/moodle/2.5.5
version/moodle/2.5.6
version/moodle/2.5.7
version/moodle/2.5.8
version/moodle/2.6.0
version/moodle/2.6.1
version/moodle/2.6.2
version/moodle/2.6.3
version/moodle/2.6.4
version/moodle/2.6.5
version/moodle/2.6.6
version/moodle/2.7.0
version/moodle/2.7.1
version/moodle/2.7.2
version/moodle/2.7.3
version/moodle/2.8.0