CVE-2017-1000151: Infoleak
First published: Fri Nov 03 2017(Updated: )
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mahara Mahara | =15.04-rc1 | |
| Mahara Mahara | =15.04-rc2 | |
| Mahara Mahara | =15.04.0 | |
| Mahara Mahara | =15.04.1 | |
| Mahara Mahara | =15.04.2 | |
| Mahara Mahara | =15.04.3 | |
| Mahara Mahara | =15.04.4 | |
| Mahara Mahara | =15.04.5 | |
| Mahara Mahara | =15.04.6 | |
| Mahara Mahara | =15.04.7 | |
| Mahara Mahara | =15.04.8 | |
| Mahara Mahara | =16.04-rc1 | |
| Mahara Mahara | =16.04-rc2 | |
| Mahara Mahara | =16.04.0 | |
| Mahara Mahara | =16.04.1 | |
| Mahara Mahara | =16.04.2 | |
| Mahara Mahara | =15.10.0 | |
| Mahara Mahara | =15.10.1 | |
| Mahara Mahara | =15.10.2 | |
| Mahara Mahara | =15.10.3 | |
| Mahara Mahara | =15.10.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-1000151?
CVE-2017-1000151 is a vulnerability that allows passwords or other sensitive information to be passed by unusual parameters to end up in an error log in Mahara version 15.04 before 15.04.9, 15.10 before 15.10.5, and 16.04 before 16.04.3.
What is the severity of CVE-2017-1000151?
CVE-2017-1000151 has a severity value of 7.5, which is considered high.
Which versions of Mahara are affected by CVE-2017-1000151?
Mahara versions 15.04 before 15.04.9, 15.10 before 15.10.5, and 16.04 before 16.04.3 are affected by CVE-2017-1000151.
How can CVE-2017-1000151 be exploited?
CVE-2017-1000151 can be exploited by passing unusual parameters that contain passwords or other sensitive information, which will then be logged as an error.
How can I fix CVE-2017-1000151?
To fix CVE-2017-1000151, you should update your Mahara installation to version 15.04.9, 15.10.5, or 16.04.3 or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mahara
- canonical/mahara mahara
- version/mahara mahara/15.04-rc1
- version/mahara mahara/15.04-rc2
- version/mahara mahara/15.04.0
- version/mahara mahara/15.04.1
- version/mahara mahara/15.04.2
- version/mahara mahara/15.04.3
- version/mahara mahara/15.04.4
- version/mahara mahara/15.04.5
- version/mahara mahara/15.04.6
- version/mahara mahara/15.04.7
- version/mahara mahara/15.04.8
- version/mahara mahara/16.04-rc1
- version/mahara mahara/16.04-rc2
- version/mahara mahara/16.04.0
- version/mahara mahara/16.04.1
- version/mahara mahara/16.04.2
- version/mahara mahara/15.10.0
- version/mahara mahara/15.10.1
- version/mahara mahara/15.10.2
- version/mahara mahara/15.10.3
- version/mahara mahara/15.10.4