1. CVE-Search
  2. CVE-2020-25698
ID CVE-2020-25698
Summary Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8, 3.8 to 3.8.5, 3.9 to 3.9.2 and earlier unsupported versions. Fixed in 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.
References
Vulnerable Configurations
  • cpe:2.3:a:moodle:moodle:3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.0:-:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.0:beta:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.11:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:beta:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 02-12-2020 - 19:53)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
fedora
  • FEDORA-2020-304aa2c365
  • FEDORA-2020-db73e37548
misc
Last major update 02-12-2020 - 19:53
Published 19-11-2020 - 17:15
Last modified 02-12-2020 - 19:53
Back to Top