Moodle Dynamic Tables Vulnerability: Unauthorized Access to Sensitive Information
CVE-2024-45689

Currently unrated

Key Information:

Vendor: Moodle
Status: Moodle
Vendor: CVE Published:; 20 November 2024

What is CVE-2024-45689?

A security flaw has been identified in Moodle's dynamic tables, leading to potential unauthorized access to information. The vulnerability stems from the absence of capability checks in the system, enabling users to retrieve sensitive data they are not permitted to view. Organizations utilizing affected versions of Moodle should take immediate steps to apply applicable updates or mitigate exposure to this vulnerability to ensure that user permissions are properly enforced.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2309941

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2024