CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4300

Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for attackers to obtain credentials via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.2%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2009-4300

Moodle » Moodle » Version: 1.8.1

cpe:2.3:a:moodle:moodle:1.8.1
Moodle » Moodle » Version: 1.8.10

cpe:2.3:a:moodle:moodle:1.8.10
Moodle » Moodle » Version: 1.8.2

cpe:2.3:a:moodle:moodle:1.8.2
Moodle » Moodle » Version: 1.8.3

cpe:2.3:a:moodle:moodle:1.8.3
Moodle » Moodle » Version: 1.8.4

cpe:2.3:a:moodle:moodle:1.8.4
Moodle » Moodle » Version: 1.8.5

cpe:2.3:a:moodle:moodle:1.8.5
Moodle » Moodle » Version: 1.8.7

cpe:2.3:a:moodle:moodle:1.8.7
Moodle » Moodle » Version: 1.8.8

cpe:2.3:a:moodle:moodle:1.8.8
Moodle » Moodle » Version: 1.8.9

cpe:2.3:a:moodle:moodle:1.8.9
Moodle » Moodle » Version: 1.9.1

cpe:2.3:a:moodle:moodle:1.9.1
Moodle » Moodle » Version: 1.9.2

cpe:2.3:a:moodle:moodle:1.9.2
Moodle » Moodle » Version: 1.9.3

cpe:2.3:a:moodle:moodle:1.9.3
Moodle » Moodle » Version: 1.9.4

cpe:2.3:a:moodle:moodle:1.9.4
Moodle » Moodle » Version: 1.9.5

cpe:2.3:a:moodle:moodle:1.9.5
Moodle » Moodle » Version: 1.9.6

cpe:2.3:a:moodle:moodle:1.9.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4300

Products

Pricing

Contact Us