CVE-2012-1156Log File Information Exposure in Moodle

CWE-532Log File Information Exposure6 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.2%
top 20.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
MoodleFedoraproject FedoraRedhat Enterprise Linux
Timeline
PublishedNov 14
Latest updateApr 23

Description

Moodle before 2.2.2 has users' private files included in course backups

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDmoodle/moodle< 2.2.2
Packagistmoodle/moodle2.22.2.2+2
CVEListV5moodle/moodle2.0 to 2.0.7+, 2.1 to 2.1.4+, 2.2 to 2.2.1++2

Also affects: Fedora 15, 16, 17, Enterprise Linux 6.0

Patches

Patch: bugzilla.redhat.comPatch: moodle.orgPatch: bugzilla.redhat.com

🔴Vulnerability Details

2
GHSA
Moodle backs up private files2022-04-23
OSV
Moodle backs up private files2022-04-23

💬Community

3
Bugzilla
CVE-2012-1155 CVE-2012-1156 CVE-2012-1157 CVE-2012-1158 CVE-2012-1159 CVE-2012-1160 CVE-2012-1161 CVE-2012-1168 CVE-2012-1169 CVE-2012-1170 moodle: multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.2012-04-02
Bugzilla
CVE-2012-1155 CVE-2012-1156 CVE-2012-1157 CVE-2012-1158 CVE-2012-1159 CVE-2012-1160 CVE-2012-1161 CVE-2012-1168 CVE-2012-1169 CVE-2012-1170 moodle: multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.2012-04-02
Bugzilla
CVE-2012-1155 CVE-2012-1156 CVE-2012-1157 CVE-2012-1158 CVE-2012-1159 CVE-2012-1160 CVE-2012-1161 CVE-2012-1168 CVE-2012-1169 CVE-2012-1170 moodle: multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.2012-04-02
CVE-2012-1156 — Log File Information Exposure in Moodle | cvebase