Vulnerability CVE-2018-1137

Vulnerability Name:

CVE-2018-1137 (CCN-143877)

Assigned:

2017-12-04

Published:

2018-05-25

Updated:

2018-06-25

Summary:

An issue was discovered in Moodle 3.x. By substituting URLs in portfolios, users can instantiate any class. This can also be exploited by users who are logged in as guests to create a DDoS attack.

CVSS v3 Severity:

8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): High

4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2018-1137

Source: BID
Type: Third Party Advisory, VDB Entry
104307

Source: CCN
Type: BID-104307
Moodle Multiple Security Vulnerabilities

Source: XF
Type: UNKNOWN
moodle-cve20181137-dos(143877)

Source: CCN
Type: Moodle Security Advisory MSA-18-0012
Portfolio script allows instantiation of class chosen by user

Source: CONFIRM
Type: Vendor Advisory
https://moodle.org/mod/forum/discuss.php?d=371204

Source: CCN
Type: Mend Vulnerability Database
CVE-2018-1137

Vulnerable Configuration:

Configuration 1:

cpe:/a:moodle:moodle:*:*:*:*:*:*:*:* (Version >= 3.1.0 and <= 3.1.11)

OR cpe:/a:moodle:moodle:*:*:*:*:*:*:*:* (Version >= 3.2.0 and <= 3.2.8)

OR cpe:/a:moodle:moodle:*:*:*:*:*:*:*:* (Version >= 3.3.0 and <= 3.3.5)

OR cpe:/a:moodle:moodle:*:*:*:*:*:*:*:* (Version >= 3.4.0 and <= 3.4.2)

Configuration CCN 1:

cpe:/a:moodle:moodle:3.1.0:-:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.2.0:-:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.3.0:-:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.4.0:-:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.1.11:*:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.2.8:*:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.3.5:*:*:*:*:*:*:*

OR cpe:/a:moodle:moodle:3.4.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.xenial:def:201811370000000	V	CVE-2018-1137 on Ubuntu 16.04 LTS (xenial) - medium.	2018-05-25
oval:com.ubuntu.artful:def:20181137000	V	CVE-2018-1137 on Ubuntu 17.10 (artful) - medium.	2018-05-25
oval:com.ubuntu.xenial:def:20181137000	V	CVE-2018-1137 on Ubuntu 16.04 LTS (xenial) - medium.	2018-05-25
oval:com.ubuntu.disco:def:201811370000000	V	CVE-2018-1137 on Ubuntu 19.04 (disco) - medium.	2018-05-25
oval:com.ubuntu.bionic:def:20181137000	V	CVE-2018-1137 on Ubuntu 18.04 LTS (bionic) - medium.	2018-05-25
oval:com.ubuntu.cosmic:def:201811370000000	V	CVE-2018-1137 on Ubuntu 18.10 (cosmic) - medium.	2018-05-25
oval:com.ubuntu.cosmic:def:20181137000	V	CVE-2018-1137 on Ubuntu 18.10 (cosmic) - medium.	2018-05-25
oval:com.ubuntu.bionic:def:201811370000000	V	CVE-2018-1137 on Ubuntu 18.04 LTS (bionic) - medium.	2018-05-25
oval:com.ubuntu.trusty:def:20181137000	V	CVE-2018-1137 on Ubuntu 14.04 LTS (trusty) - medium.	2018-05-25

BACK