VIR Vulnerability Intelligence Relay

CVE-2012-5471

medium
Published 2012-11-21 · Modified 2024-01-11
CVSS v3
CVSS v2
6.5
VIR risk
6.5

Description

Moodle Allows Unauthenticated Dropbox Access

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29872

Package impact
EcosystemPackageVulnerableFixed
php Packagistmoodle/moodle>=2.3,<2.3.32.3.3
php Packagistmoodle/moodle>=2.2,<2.2.62.2.6
php Packagistmoodle/moodle>=2.1,<2.1.92.1.9

Application impact
VendorProductVersionsFixed
moodlemoodle2.1.0
moodlemoodle2.1.1
moodlemoodle2.1.2
moodlemoodle2.1.3
moodlemoodle2.1.4
moodlemoodle2.1.5
moodlemoodle2.1.6
moodlemoodle2.1.7
moodlemoodle2.1.8
moodlemoodle2.2.0
moodlemoodle2.2.1
moodlemoodle2.2.2
moodlemoodle2.2.3
moodlemoodle2.2.4
moodlemoodle2.2.5
moodlemoodle2.3.0
moodlemoodle2.3.1
moodlemoodle2.3.2

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.