CVE-2010-1616: Moodle is vulnerable to unauthorized new account creation

CVSS Score: 4

Basic Information

EPSS Score: -
Published: 5/13/2022
Updated: 2/7/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Package Name  | Ecosystem | Vulnerable Versions | First Patched Version
moodle/moodle | composer  | >= 1.8.0, < 1.8.12  | 1.8.12
moodle/moodle | composer  | >= 1.9.0, < 1.9.8   | 1.9.8

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from improper access control during user creation in course restoration. The patch (MDL-16658) introduced restore_precheck_users to validate the 'moodle/restore:createuser' capability and added configurable checks. In vulnerable versions, restore_create_users operated without these safeguards, and restore_execute did not enforce the pre-check. The commit diff shows these functions were modified to add security checks, confirming their role in the vulnerability.
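The checks the paragraph describes, as an added illustration that is not the page's or Moodle's own code: the vulnerable path creates every account listed in the backup regardless of who restores, while the hardened path first confirms the restorer holds moodle/restore:createuser in the course context. It assumes Moodle's real has_capability() and get_context_instance() (stubbed with constructed grants so it runs outside Moodle); every other name here is hypothetical.

```php
<?php
// Added illustration of the missing pre-check behind CVE-2010-1616; not Moodle's
// own backup/restorelib.php code. has_capability() and get_context_instance() are
// real Moodle 1.9 APIs, stubbed here with a constructed capability map so the file
// runs outside Moodle; every other name is a hypothetical stand-in.
if (!function_exists('has_capability')) {
    define('CONTEXT_COURSE', 50);
    function get_context_instance($level, $id) { return array('level' => $level, 'id' => $id); }
    function has_capability($cap, $ctx, $userid) {
        // Constructed grants: user 7 may create users on restore, user 8 (a teacher) may not.
        $grants = array(7 => array('moodle/restore:createuser'), 8 => array());
        return isset($grants[$userid]) && in_array($cap, $grants[$userid]);
    }
}
$existing = array('alice' => 1);   // constructed: accounts already present on the site
// Creates every backup user that does not already exist. Calling this directly,
// with no check on who is restoring, is the vulnerable restore_create_users shape.
function create_missing_users(array $users) {
    global $existing;
    $created = array();
    foreach ($users as $u) {
        if (!isset($existing[$u['username']])) {
            $existing[$u['username']] = count($existing) + 1;
            $created[] = $u['username'];
        }
    }
    return $created;
}
// Pre-check in the spirit of MDL-16658: decide up front whether the restore would
// have to create accounts, and refuse unless the restorer holds
// moodle/restore:createuser in the course context. Returns the problems found.
function precheck_restore_users(array $users, $courseid, $userid) {
    global $existing;
    $ctx = get_context_instance(CONTEXT_COURSE, $courseid);
    $cancreate = has_capability('moodle/restore:createuser', $ctx, $userid);
    $problems = array();
    foreach ($users as $u) {
        if (isset($existing[$u['username']])) continue;   // maps onto an existing account
        if (!$cancreate) $problems[] = "would create '{$u['username']}' without moodle/restore:createuser";
    }
    return $problems;
}
// Hardened flow: the pre-check runs before any account is written.
function restore_users_hardened(array $users, $courseid, $userid) {
    $problems = precheck_restore_users($users, $courseid, $userid);
    return $problems ? array('problems' => $problems) : array('created' => create_missing_users($users));
}
$backup = array(array('username' => 'alice'), array('username' => 'mallory'));   // constructed backup users
print_r(restore_users_hardened($backup, 2, 8));   // teacher 8: problem listed, nothing created
print_r(restore_users_hardened($backup, 2, 7));   // restorer 7 holds the capability: creates 'mallory'
```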


WAF Protection Rules

WAF Rule

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
