CVE-2019-10188
 
Severity Score
4.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz.
Un defecto fue descubierto en moodle anterior a las versiones 3.7.1 ,3.6.5.7. los profesores en un grupo de preguntas podrĂa modificar las anulaciones de grupo para otros grupos en la misma prueba
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-03-27 CVE Reserved
- 2019-07-31 CVE Published
- 2024-07-24 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/109178 | Third Party Advisory | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188 | Issue Tracking |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://moodle.org/mod/forum/discuss.php?d=388569 | 2020-09-30 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Moodle Search vendor "Moodle" | Moodle Search vendor "Moodle" for product "Moodle" | < 3.5.7 Search vendor "Moodle" for product "Moodle" and version " < 3.5.7" | - |
Affected
| ||||||
Moodle Search vendor "Moodle" | Moodle Search vendor "Moodle" for product "Moodle" | >= 3.6.0 < 3.6.5 Search vendor "Moodle" for product "Moodle" and version " >= 3.6.0 < 3.6.5" | - |
Affected
| ||||||
Moodle Search vendor "Moodle" | Moodle Search vendor "Moodle" for product "Moodle" | >= 3.7.0 < 3.7.1 Search vendor "Moodle" for product "Moodle" and version " >= 3.7.0 < 3.7.1" | - |
Affected
|