// For flags

CVE-2014-3543

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format.

mod/imscp/locallib.php en Moodle hasta 2.3.11, 2.4.x anterior a 2.4.11, 2.5.x anterior a 2.5.7, 2.6.x anterior a 2.6.4 y 2.7.x anterior a 2.7.1 permite a atacantes remotos leer ficheros arbitrarios a través de un paquete con un fichero de manifiesto que contiene una declaración de entidad externa XML en conjunto con una referencia de entidad, relacionado con un problema de entidad externa XML (XXE) que afecta recursos IMSCP y el formato IMSCC.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-05-14 CVE Reserved
  • 2014-07-29 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
<= 2.3.11
Search vendor "Moodle" for product "Moodle" and version " <= 2.3.11"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.0
Search vendor "Moodle" for product "Moodle" and version "2.3.0"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.1
Search vendor "Moodle" for product "Moodle" and version "2.3.1"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.2
Search vendor "Moodle" for product "Moodle" and version "2.3.2"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.3
Search vendor "Moodle" for product "Moodle" and version "2.3.3"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.4
Search vendor "Moodle" for product "Moodle" and version "2.3.4"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.5
Search vendor "Moodle" for product "Moodle" and version "2.3.5"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.6
Search vendor "Moodle" for product "Moodle" and version "2.3.6"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.7
Search vendor "Moodle" for product "Moodle" and version "2.3.7"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.8
Search vendor "Moodle" for product "Moodle" and version "2.3.8"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.9
Search vendor "Moodle" for product "Moodle" and version "2.3.9"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.3.10
Search vendor "Moodle" for product "Moodle" and version "2.3.10"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.0
Search vendor "Moodle" for product "Moodle" and version "2.5.0"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.1
Search vendor "Moodle" for product "Moodle" and version "2.5.1"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.2
Search vendor "Moodle" for product "Moodle" and version "2.5.2"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.3
Search vendor "Moodle" for product "Moodle" and version "2.5.3"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.4
Search vendor "Moodle" for product "Moodle" and version "2.5.4"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.5
Search vendor "Moodle" for product "Moodle" and version "2.5.5"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.5.6
Search vendor "Moodle" for product "Moodle" and version "2.5.6"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.6.0
Search vendor "Moodle" for product "Moodle" and version "2.6.0"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.6.1
Search vendor "Moodle" for product "Moodle" and version "2.6.1"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.6.2
Search vendor "Moodle" for product "Moodle" and version "2.6.2"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.6.3
Search vendor "Moodle" for product "Moodle" and version "2.6.3"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.0
Search vendor "Moodle" for product "Moodle" and version "2.4.0"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.1
Search vendor "Moodle" for product "Moodle" and version "2.4.1"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.2
Search vendor "Moodle" for product "Moodle" and version "2.4.2"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.3
Search vendor "Moodle" for product "Moodle" and version "2.4.3"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.4
Search vendor "Moodle" for product "Moodle" and version "2.4.4"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.5
Search vendor "Moodle" for product "Moodle" and version "2.4.5"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.6
Search vendor "Moodle" for product "Moodle" and version "2.4.6"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.7
Search vendor "Moodle" for product "Moodle" and version "2.4.7"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.8
Search vendor "Moodle" for product "Moodle" and version "2.4.8"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.9
Search vendor "Moodle" for product "Moodle" and version "2.4.9"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.4.10
Search vendor "Moodle" for product "Moodle" and version "2.4.10"
-
Affected
Moodle
Search vendor "Moodle"
Moodle
Search vendor "Moodle" for product "Moodle"
2.7.0
Search vendor "Moodle" for product "Moodle" and version "2.7.0"
-
Affected