Description
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Remediation
References
Related Vulnerabilities
OpenSSL Excessive Iteration Vulnerability (CVE-2023-3817)
Python CVE-2019-17514 Vulnerability (CVE-2019-17514)
Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
Oracle Database Server CVE-2006-0263 Vulnerability (CVE-2006-0263)