CVE Radar

CVE-2024-48901

High Severity
SVRS: 45/100
CVSSv3: 4.3/10
EPSS: 0.00059/1

CVE-2024-48901 in Moodle allows unauthorized users to potentially access report schedules without proper permissions. This vulnerability arises because of insufficient permission checks, leading to information disclosure. Although the CVSS score is 4.3, the SVRS of 45 indicates a moderate risk, meaning it doesn't require immediate action but should be addressed promptly. An attacker could exploit this flaw to view sensitive information related to report scheduling that they should not have access to. This oversight can compromise the security and confidentiality of Moodle's reporting features. Organizations using Moodle should apply the necessary patches or updates to mitigate this risk and ensure proper permission enforcement.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
2024-11-18

2024-11-20
SOCRadar
AI Insight

Description

CVE-2024-48901 affects Moodle and allows unauthorized access to report schedules if proper permissions are not enforced. This vulnerability stems from a lack of adequate authorization controls, potentially allowing attackers to view sensitive information related to reports. While the CVSS score is 4.3, the SVRS score of 42 indicates a moderate risk level, suggesting that while the vulnerability is exploitable, it might not be actively exploited by malicious actors at this time.

Key Insights

  • Unauthorized Access to Sensitive Data: The vulnerability enables attackers to access report schedules without proper authorization, potentially exposing confidential information related to the reports.
  • Limited Impact: The impact of this vulnerability is primarily focused on information disclosure, with no known ability for attackers to gain full control over the system.
  • Potential for Further Exploitation: While the current vulnerability allows access to report schedules, it could be used as a stepping stone for further exploitation by attackers to gain more access to the system or manipulate data.
  • Lack of Active Exploits: At present, there are no known active exploits for this vulnerability, but it is important to stay vigilant and implement mitigation strategies to prevent potential future attacks.

Mitigation Strategies

  • Implement Access Control Measures: Enforce strict access controls to ensure that only authorized users can view and edit report schedules. This can be achieved through user role management and permissions settings.
  • Regular Security Updates: Ensure that Moodle instances are kept up-to-date with the latest security patches. This includes promptly applying any patches released by Moodle for CVE-2024-48901.
  • Monitor System Logs: Regularly review system logs for any suspicious activity or attempts to access unauthorized data. This will help identify potential attacks and enable timely response measures.
  • Security Awareness Training: Educate users about the importance of security and best practices for handling sensitive information. Training should cover topics like strong passwords, avoiding phishing attempts, and reporting suspicious activity.
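The access-control item above, and the summary of the fix quoted further down the page (a user may access a report's schedule only if they have permission to edit that report), both come down to one pattern: the permission check must be made against the parent report, not skipped because the caller merely knows a schedule id. The following is an added illustration of that pattern in a framework-neutral Python model; it is not Moodle's code and does not reproduce Moodle's API. The in-memory store, the user names, the report and schedule records and the capability string `report:edit` are all constructed for the example.

```python
"""
Constructed model of the authorization pattern behind CVE-2024-48901
(added example; not Moodle code). A schedule belongs to a report, and the
caller must hold the edit capability on that report before the schedule
is returned. Everything below is constructed for illustration.
"""
from dataclasses import dataclass, field


# Constructed capability name (hypothetical; not a Moodle capability string)
EDIT_REPORT = "report:edit"


@dataclass(frozen=True)
class Report:
    id: int
    name: str
    owner: str


@dataclass(frozen=True)
class Schedule:
    id: int
    report_id: int
    recipients: tuple  # e-mail recipients of the scheduled report


@dataclass
class Store:
    """In-memory stand-in for the database tables."""
    reports: dict = field(default_factory=dict)
    schedules: dict = field(default_factory=dict)
    # user -> set of (capability, report_id) grants
    grants: dict = field(default_factory=dict)

    def has_capability(self, user: str, cap: str, report_id: int) -> bool:
        return (cap, report_id) in self.grants.get(user, set())


class PermissionDenied(Exception):
    pass


def get_schedule_unchecked(store: Store, user: str, schedule_id: int) -> Schedule:
    """Vulnerable pattern (CWE-285): any logged-in user who supplies a schedule id
    gets the record back; the parent report's permissions are never consulted."""
    return store.schedules[schedule_id]


def get_schedule_checked(store: Store, user: str, schedule_id: int, audit: list) -> Schedule:
    """Hardened pattern: resolve the schedule's parent report and require the edit
    capability on that report before any schedule data is returned.

    The audit list stands in for the application log, so denials are visible
    to whoever reviews the logs (the monitoring item in the mitigation list)."""
    schedule = store.schedules.get(schedule_id)
    if schedule is None:
        raise KeyError(schedule_id)
    if not store.has_capability(user, EDIT_REPORT, schedule.report_id):
        audit.append(f"DENY user={user} schedule={schedule_id} "
                     f"report={schedule.report_id} cap={EDIT_REPORT}")
        raise PermissionDenied(f"{user} may not edit report {schedule.report_id}")
    return schedule


def build_sample_store() -> Store:
    """Constructed sample data: two reports, one schedule each, two users
    who can each edit only their own report."""
    store = Store()
    store.reports[1] = Report(1, "Course completions", owner="alice")
    store.reports[2] = Report(2, "Grade export", owner="bob")
    store.schedules[10] = Schedule(10, report_id=1, recipients=("alice@example.test",))
    store.schedules[20] = Schedule(20, report_id=2, recipients=("bob@example.test",))
    store.grants["alice"] = {(EDIT_REPORT, 1)}
    store.grants["bob"] = {(EDIT_REPORT, 2)}
    return store


def compare(user: str, schedule_id: int):
    """Run both handlers for one request.
    Returns (unchecked_returned_data, checked_returned_data, audit_lines)."""
    store = build_sample_store()
    audit = []
    unchecked_ok = get_schedule_unchecked(store, user, schedule_id) is not None
    try:
        get_schedule_checked(store, user, schedule_id, audit)
        checked_ok = True
    except PermissionDenied:
        checked_ok = False
    return unchecked_ok, checked_ok, audit


if __name__ == "__main__":
    # alice requests bob's schedule: the unchecked handler hands it over,
    # the checked handler writes a DENY line and refuses.
    print(compare("alice", 20))
    print(compare("bob", 20))
```

The point of the comparison is where the check is anchored: the schedule record itself carries no permission information, so the handler has to walk to the report it belongs to and evaluate the capability there. The DENY line is worth keeping in real logs, since repeated denials for schedule ids outside a user's own reports are the kind of pattern the monitoring recommendation above is meant to catch.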

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-48901 | Moodle Report Schedule resource injection
vuldb.com, 2024-10-15
CVE-2024-48901 | Moodle Report Schedule resource injection | A vulnerability, which was classified as critical, was found in Moodle. This affects an unknown part of the component Report Schedule Handler. The manipulation leads to improper control of resource identifiers. This vulnerability is uniquely identified as CVE-2024-48901. It is possible to initiate the attack remotely. There is no exploit available.

Social Media

CVE-2024-48901 A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that repo… https://t.co/j6DNqHTXpz

Affected Software

Configuration 1

Type  Vendor  Product
App   Moodle  moodle

References

Reference: https://bugzilla.redhat.com/show_bug.cgi?id=2318817

CWE Details

CWE-863 (Incorrect Authorization): The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

CWE-285 (Improper Authorization): The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
