Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-1000152

Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such as an admin changing another user's account settings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2017-1000152
  • Mahara » Mahara » Version: 15.04
    cpe:2.3:a:mahara:mahara:15.04
  • Mahara » Mahara » Version: 15.04.0
    cpe:2.3:a:mahara:mahara:15.04.0
  • Mahara » Mahara » Version: 15.04.1
    cpe:2.3:a:mahara:mahara:15.04.1
  • Mahara » Mahara » Version: 15.04.2
    cpe:2.3:a:mahara:mahara:15.04.2
  • Mahara » Mahara » Version: 15.04.3
    cpe:2.3:a:mahara:mahara:15.04.3
  • Mahara » Mahara » Version: 15.04.4
    cpe:2.3:a:mahara:mahara:15.04.4
  • Mahara » Mahara » Version: 15.04.5
    cpe:2.3:a:mahara:mahara:15.04.5
  • Mahara » Mahara » Version: 15.04.6
    cpe:2.3:a:mahara:mahara:15.04.6
  • Mahara » Mahara » Version: 15.10.0
    cpe:2.3:a:mahara:mahara:15.10.0
  • Mahara » Mahara » Version: 15.10.1
    cpe:2.3:a:mahara:mahara:15.10.1
  • Mahara » Mahara » Version: 15.10.2
    cpe:2.3:a:mahara:mahara:15.10.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved