CVE-2012-6104

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2012-6098, CVE-2012-6099, CVE-2012-6100, CVE-2012-6101, CVE-2012-6102, CVE-2012-6103, CVE-2012-6105, CVE-2012-6106, CVE-2012-6112

Published on 27/01/13 - Updated on 30/01/13

Description

blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2012-6104
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2013-AVI-052
Renater 2013/VULN035

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
moodlemoodle

Share this vulnerability with:

Twitter Facebook LinkedIn Mail