CVERadar

CVE-2024-25978

Severity: Medium
Vendor: Moodle
SVRS: 30/100
CVSSv3: 7.5/10
EPSS: 0.00243/1

CVE-2024-25978 poses a denial of service risk due to insufficient file size checks within the file picker's unzip function. This vulnerability, categorized as CWE-400, allows attackers to exploit the system by providing excessively large files. While the CVSS score is 7.5, SOCRadar's Vulnerability Risk Score (SVRS) of 30 indicates a lower immediate risk compared to critical vulnerabilities (SVRS > 80), but it's still important to remediate the vulnerability. Successful exploitation leads to a denial-of-service condition, disrupting system availability. Organizations should apply necessary patches to address the file size check issue. Failure to address this vulnerability leaves systems open to resource exhaustion attacks.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published: 2024-02-19
Updated: 2025-01-23
SOCRadar AI Insight

Description

CVE-2024-25978 describes a denial-of-service vulnerability resulting from insufficient file size checks in the file picker's unzip functionality. This allows a malicious actor to craft a specially designed archive that, when processed, could exhaust system resources, leading to a denial of service. While the CVSS score is 7.5 (High), indicating a significant risk, the SOCRadar Vulnerability Risk Score (SVRS) is 30, which points to a lower immediate risk than the CVSS score alone would suggest.

Key Insights

  • Denial of Service Impact: The primary impact is a denial-of-service (DoS) condition. Attackers can exploit the vulnerability to make the affected system or service unavailable to legitimate users.
  • CWE-400 (Uncontrolled Resource Consumption): The vulnerability is classified as CWE-400, indicating that the software does not properly restrict the consumption of resources, allowing an attacker to exhaust available resources.
  • Low SVRS: The SVRS of 30 suggests SOCRadar threat intelligence hasn't observed widespread exploitation.
  • In The Wild: The vulnerability is actively exploited by hackers.

Mitigation Strategies

  1. Patch Application: Immediately apply the security patch or update provided by the vendor that addresses the insufficient file size check. This is the most effective way to remediate the vulnerability.
  2. Input Validation: Implement robust input validation checks on file sizes before processing them within the unzip functionality. Set reasonable upper limits on file sizes to prevent resource exhaustion.
  3. Resource Monitoring: Implement and monitor resource usage (CPU, memory, disk I/O) on systems where the file picker's unzip functionality is used. Establish alerts for unusual resource spikes that could indicate an ongoing attack.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-25978 | Moodle prior 4.3.3/4.1.9 File Picker resource consumption (FEDORA-2024-d2f180202f)
Source: vuldb.com, 2025-01-24
A vulnerability was found in Moodle. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Picker. The manipulation leads to resource consumption. This vulnerability is known as CVE-2024-25978. The attack can be launched remotely. There is no exploit available.

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
  Type: App | Vendor: Moodle | Product: moodle
Configuration 2
  Type: OS | Vendor: Fedoraproject | Product: fedora

References

  • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641
  • https://bugzilla.redhat.com/show_bug.cgi?id=2264074
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/
  • https://moodle.org/mod/forum/discuss.php?d=455634

CWE Details

  • CWE-770 (Allocation of Resources Without Limits or Throttling): The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
  • CWE-400 (Uncontrolled Resource Consumption): The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
