CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

History

16 Nov 2023, 19:00

Type Values Removed Values Added
First Time Moodle moodle
Fedoraproject extra Packages For Enterprise Linux
Fedoraproject fedora
Moodle
Fedoraproject
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
CPE cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*
References () https://moodle.org/mod/forum/discuss.php?d=451581 - () https://moodle.org/mod/forum/discuss.php?d=451581 - Patch, Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2243432 - () https://bugzilla.redhat.com/show_bug.cgi?id=2243432 - Issue Tracking, Patch, Third Party Advisory
References () http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409 - () http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409 - Patch

09 Nov 2023, 20:51

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-09 20:15

Updated : 2023-12-10 15:26


NVD link : CVE-2023-5540

Mitre link : CVE-2023-5540

CVE.ORG link : CVE-2023-5540


JSON object : View

Products Affected

fedoraproject

  • fedora
  • extra_packages_for_enterprise_linux

moodle

  • moodle
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')