CVE-2015-3180 Common Vulnerabilities and Exposures

Upstream information

CVE-2015-3180 at MITRE

Description

lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	4
Vector	AV:N/AC:L/Au:S/C:P/I:N/A:N
Access Vector	Network
Access Complexity	Low
Authentication	Single
Confidentiality Impact	Partial
Integrity Impact	None
Availability Impact	None

SUSE Bugzilla entry: 931411 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Mon May 18 17:36:23 2015
CVE page last modified: Fri Oct 7 12:47:07 2022