CVE - CVE-2011-4584

CVE-ID
CVE-2011-4584	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:DSA-2421 URL:http://www.debian.org/security/2012/dsa-2421 MISC:http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=10df8657c1c138c0d0ab1d4796c552fcec0c299b URL:http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=10df8657c1c138c0d0ab1d4796c552fcec0c299b MISC:http://moodle.org/mod/forum/discuss.php?d=191751 URL:http://moodle.org/mod/forum/discuss.php?d=191751 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=761248 URL:https://bugzilla.redhat.com/show_bug.cgi?id=761248
Assigning CNA
Red Hat, Inc.
Date Record Created
20111129	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20111129)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)