Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-2272
Vulnerability from csaf_certbund
Published
2025-10-13 22:00
Modified
2025-10-23 22:00
Summary
Moodle: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Moodle ist ein Software-Paket, um internetbasierte Kurse zu entwickeln und durchzuführen. Es ist ein globales Softwareentwicklungsprojekt, das einen konstruktivistischen Lehr- und Lernansatz unterstützt.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Moodle ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Moodle ist ein Software-Paket, um internetbasierte Kurse zu entwickeln und durchzuf\u00fchren. Es ist ein globales Softwareentwicklungsprojekt, das einen konstruktivistischen Lehr- und Lernansatz unterst\u00fctzt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Moodle ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2272 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2272.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2272 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2272"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470381\u0026parent=1888226"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470382\u0026parent=1888227"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470383\u0026parent=1888228"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470384\u0026parent=1888229"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470385\u0026parent=1888230"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470386\u0026parent=1888231"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470387\u0026parent=1888232"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470388\u0026parent=1888233"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470389\u0026parent=1888234"
},
{
"category": "external",
"summary": "Moodle Security Announcements vom 2025-10-13",
"url": "https://moodle.org/mod/forum/discuss.php?d=470390\u0026parent=1888235"
}
],
"source_lang": "en-US",
"title": "Moodle: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-23T22:00:00.000+00:00",
"generator": {
"date": "2025-10-24T08:08:37.374+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2272",
"initial_release_date": "2025-10-13T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-35669, EUVD-2025-35666, EUVD-2025-35667, EUVD-2025-35668, EUVD-2025-35670, EUVD-2025-35671, EUVD-2025-35672, EUVD-2025-35673"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.0.3",
"product": {
"name": "Open Source Moodle \u003c5.0.3",
"product_id": "T047598"
}
},
{
"category": "product_version",
"name": "5.0.3",
"product": {
"name": "Open Source Moodle 5.0.3",
"product_id": "T047598-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:moodle:5.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.5.7",
"product": {
"name": "Open Source Moodle \u003c4.5.7",
"product_id": "T047599"
}
},
{
"category": "product_version",
"name": "4.5.7",
"product": {
"name": "Open Source Moodle 4.5.7",
"product_id": "T047599-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:moodle:4.5.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.4.11",
"product": {
"name": "Open Source Moodle \u003c4.4.11",
"product_id": "T047600"
}
},
{
"category": "product_version",
"name": "4.4.11",
"product": {
"name": "Open Source Moodle 4.4.11",
"product_id": "T047600-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:moodle:4.4.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.1.21",
"product": {
"name": "Open Source Moodle \u003c4.1.21",
"product_id": "T047601"
}
},
{
"category": "product_version",
"name": "4.1.21",
"product": {
"name": "Open Source Moodle 4.1.21",
"product_id": "T047601-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:moodle:4.1.21"
}
}
}
],
"category": "product_name",
"name": "Moodle"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54869",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-54869"
},
{
"cve": "CVE-2025-62393",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62393"
},
{
"cve": "CVE-2025-62394",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62394"
},
{
"cve": "CVE-2025-62395",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62395"
},
{
"cve": "CVE-2025-62396",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62396"
},
{
"cve": "CVE-2025-62397",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62397"
},
{
"cve": "CVE-2025-62398",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62398"
},
{
"cve": "CVE-2025-62399",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62399"
},
{
"cve": "CVE-2025-62400",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62400"
},
{
"cve": "CVE-2025-62401",
"product_status": {
"known_affected": [
"T047601",
"T047599",
"T047600",
"T047598"
]
},
"release_date": "2025-10-13T22:00:00.000+00:00",
"title": "CVE-2025-62401"
}
]
}
CVE-2025-54869 (GCVE-0-2025-54869)
Vulnerability from cvelistv5
Published
2025-08-05 23:34
Modified
2025-08-07 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to sustained service unavailability. This issue is fixed in version 2.6.3.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T14:02:39.237166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T14:02:48.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FPDI",
"vendor": "Setasign",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to sustained service unavailability. This issue is fixed in version 2.6.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T23:34:17.937Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Setasign/FPDI/security/advisories/GHSA-jxhh-4648-vpp3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Setasign/FPDI/security/advisories/GHSA-jxhh-4648-vpp3"
},
{
"name": "https://github.com/Setasign/FPDI/commit/ba671ba9221cffd32c2dda87316c19f522a1c5f0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Setasign/FPDI/commit/ba671ba9221cffd32c2dda87316c19f522a1c5f0"
}
],
"source": {
"advisory": "GHSA-jxhh-4648-vpp3",
"discovery": "UNKNOWN"
},
"title": "FPDI is Vulnerable to Memory Exhaustion (OOM) through its PDF Parser"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54869",
"datePublished": "2025-08-05T23:34:17.937Z",
"dateReserved": "2025-07-31T17:23:33.473Z",
"dateUpdated": "2025-08-07T14:02:48.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62400 (GCVE-0-2025-62400)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62400",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:48:02.796565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:48:12.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThan": "4.1.21",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Robert Toth for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:43.890Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62400"
},
{
"name": "RHBZ#2404433",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404433"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:42:38.973000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: hidden group names visible to event creators",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62400",
"datePublished": "2025-10-23T11:28:43.890Z",
"dateReserved": "2025-10-13T10:12:30.926Z",
"dateUpdated": "2025-10-23T14:48:12.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62396 (GCVE-0-2025-62396)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-548 - Exposure of Information Through Directory Listing
Summary
An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:12:55.991738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:13:02.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Yedidia Klein for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-548",
"description": "Exposure of Information Through Directory Listing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:31.054Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62396"
},
{
"name": "RHBZ#2404429",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404429"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:25:44.556000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: router (r.php) could expose application directories",
"x_redhatCweChain": "CWE-548: Exposure of Information Through Directory Listing"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62396",
"datePublished": "2025-10-23T11:28:31.054Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-23T14:13:02.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62399 (GCVE-0-2025-62399)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Summary
Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62399",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:51:39.821636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:52:02.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThan": "4.1.21",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Petr Skoda for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Moodle\u2019s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:39.756Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62399"
},
{
"name": "RHBZ#2404432",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404432"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:36:07.887000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: password brute force risk when mobile/web services enabled",
"x_redhatCweChain": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62399",
"datePublished": "2025-10-23T11:28:39.756Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-23T14:52:02.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62398 (GCVE-0-2025-62398)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-24 14:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:57:39.929765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T14:11:10.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Petr Skoda for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:36.897Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62398"
},
{
"name": "RHBZ#2404431",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404431"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:32:51.565000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: possible to bypass mfa",
"x_redhatCweChain": "CWE-287: Improper Authentication"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62398",
"datePublished": "2025-10-23T11:28:36.897Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-24T14:11:10.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62393 (GCVE-0-2025-62393)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:18:24.463589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:18:34.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Dani Palou for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T12:08:50.260Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62393"
},
{
"name": "RHBZ#2404426",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404426"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=470381"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:00:07.894000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: course access permissions not properly checked in course_output_fragment_course_overview",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62393",
"datePublished": "2025-10-23T11:28:25.023Z",
"dateReserved": "2025-10-13T10:12:30.924Z",
"dateUpdated": "2025-10-23T14:18:34.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62401 (GCVE-0-2025-62401)
Vulnerability from cvelistv5
Published
2025-10-23 11:29
Modified
2025-10-23 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62401",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:38:17.781648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:39:05.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThan": "4.1.21",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Charles Fulton for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue in Moodle\u2019s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:29:32.189Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62401"
},
{
"name": "RHBZ#2404434",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404434"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:45:39.393000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: possible to bypass timer in timed assignments",
"x_redhatCweChain": "CWE-285: Improper Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62401",
"datePublished": "2025-10-23T11:29:32.189Z",
"dateReserved": "2025-10-13T10:12:30.926Z",
"dateUpdated": "2025-10-23T14:39:05.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62394 (GCVE-0-2025-62394)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:14:03.096825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:14:11.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Philipp Hager for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:27.990Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62394"
},
{
"name": "RHBZ#2404427",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404427"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:14:42.474000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: quiz notifications sent to suspended participants",
"x_redhatCweChain": "CWE-863: Incorrect Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62394",
"datePublished": "2025-10-23T11:28:27.990Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-23T14:14:11.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62397 (GCVE-0-2025-62397)
Vulnerability from cvelistv5
Published
2025-10-23 11:28
Modified
2025-10-23 14:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Summary
The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:12:21.754220Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:12:29.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Adam Jenkins for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The router\u2019s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:28:33.922Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62397"
},
{
"name": "RHBZ#2404430",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404430"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:28:54.803000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: router produces json instead of 404 error for invalid course id",
"x_redhatCweChain": "CWE-209: Generation of Error Message Containing Sensitive Information"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62397",
"datePublished": "2025-10-23T11:28:33.922Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-23T14:12:29.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-62395 (GCVE-0-2025-62395)
Vulnerability from cvelistv5
Published
2025-10-23 11:29
Modified
2025-10-23 14:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T14:42:56.823232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:43:09.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.5.7",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThan": "4.1.21",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Paul Holden for reporting this issue."
}
],
"datePublic": "2025-10-14T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T11:29:29.299Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-62395"
},
{
"name": "RHBZ#2404428",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404428"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T14:21:14.694000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-14T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: external cohort search service leaks system cohort data",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2025-62395",
"datePublished": "2025-10-23T11:29:29.299Z",
"dateReserved": "2025-10-13T10:12:30.925Z",
"dateUpdated": "2025-10-23T14:43:09.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…