← Volver a CVEs
CVE-2024-43427
LOW3.7
Descripcion
A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party.
Detalles CVE
Puntuacion CVSS v3.13.7
SeveridadLOW
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/11/2024
Ultima modificacion5/1/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
moodle:moodle
Debilidades (CWE)
CWE-922
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=2304255(patrick@puiterwijk.org)
https://moodle.org/mod/forum/discuss.php?d=461195(patrick@puiterwijk.org)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.