Description

The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.

Remediation

References

CVE-2011-4592

Related Vulnerabilities

WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.1.9)

Oracle JRE CVE-2013-5804 Vulnerability (CVE-2013-5804)

WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)

WordPress Plugin ByREV WP-PICShield Cross-Site Request Forgery (1.9.7)

Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0473)

Severity

Medium

Classification

CVE-2011-4592 CWE-264

Tags

Missing Update Known Vulnerabilities