CVE-2017-1000152
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such as an admin changing another user's account settings.
Mahara, en versiones 15.04 anteriores a la 15.04.7 y versiones 15.10 anteriores a la 15.10.3 que ejecuten PHP 5.3, es vulnerable a que un usuario inicie sesión como otro usuario en un ordenador diferente debido a que se sirve el mismo ID de sesión. Esta situación puede tener lugar cuando un usuario realiza una acción que fuerza a que otro usuario cierre sesión en Mahara. Por ejemplo, si un administrador modifica los ajustes de cuenta de otro usuario.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-02 CVE Reserved
- 2017-11-03 CVE Published
- 2024-07-16 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugs.launchpad.net/mahara/+bug/1570744 | 2019-10-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04 Search vendor "Mahara" for product "Mahara" and version "15.04" | rc1 |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04 Search vendor "Mahara" for product "Mahara" and version "15.04" | rc2 |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.0 Search vendor "Mahara" for product "Mahara" and version "15.04.0" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.1 Search vendor "Mahara" for product "Mahara" and version "15.04.1" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.2 Search vendor "Mahara" for product "Mahara" and version "15.04.2" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.3 Search vendor "Mahara" for product "Mahara" and version "15.04.3" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.4 Search vendor "Mahara" for product "Mahara" and version "15.04.4" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.5 Search vendor "Mahara" for product "Mahara" and version "15.04.5" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.04.6 Search vendor "Mahara" for product "Mahara" and version "15.04.6" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.10.0 Search vendor "Mahara" for product "Mahara" and version "15.10.0" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.10.1 Search vendor "Mahara" for product "Mahara" and version "15.10.1" | - |
Affected
| ||||||
| Mahara Search vendor "Mahara" | Mahara Search vendor "Mahara" for product "Mahara" | 15.10.2 Search vendor "Mahara" for product "Mahara" and version "15.10.2" | - |
Affected
| ||||||