
CVE-2014-7848: Moodle allows attacks to obtain sensitive information

CVSS Score: 5

Basic Information

EPSS Score: 0.59159%
Published: 5/13/2022
Updated: 1/24/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Package Name  | Ecosystem | Vulnerable Versions | First Patched Version
moodle/moodle | composer  | >= 2.6.0, < 2.6.6   | 2.6.6
moodle/moodle | composer  | >= 2.7.0, < 2.7.3   | 2.7.3

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from direct web access to lib/phpunit/bootstrap.php, which lacked a web access check. The file's error reporting configuration (error_reporting(E_ALL) and display_errors=1) exposed full path information when accessed. However, this is not caused by a specific function but rather by the absence of access control at the script level. The patch added a REMOTE_ADDR check to block web requests, indicating the vulnerability was structural (file accessibility) rather than tied to a particular function implementation.
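The guard the analysis describes, as an added illustration rather than Moodle's own code: a test bootstrap that needs verbose error output must refuse web requests before it turns that output on. The helper name and the sample server arrays below are constructed for this example.

```php
<?php
// Added example (not code from Moodle or from this page): a CLI-only bootstrap
// script that rejects web access up front, mirroring the REMOTE_ADDR check the
// CVE-2014-7848 fix introduced. requestIsFromWeb() is a hypothetical helper.

/**
 * True when the request arrived through a web server. REMOTE_ADDR is populated
 * by web SAPIs and never by the command-line SAPI, so its presence is enough to
 * tell the two apart.
 */
function requestIsFromWeb(array $server): bool
{
    return isset($server['REMOTE_ADDR']);
}

// The guard must run before error_reporting()/display_errors are touched, so a
// direct browser request never reaches the verbose configuration below.
if (requestIsFromWeb($_SERVER)) {
    http_response_code(403);
    exit('Direct web access to this script is forbidden.');
}

// Only now is it safe to enable the diagnostics a test bootstrap wants; any
// notice or fatal error (and the full filesystem paths it carries) can no
// longer be triggered from a browser.
error_reporting(E_ALL);
ini_set('display_errors', '1');

// Self-check on constructed $_SERVER shapes (run with: php bootstrap-guard.php).
$webRequest = ['REMOTE_ADDR' => '203.0.113.5', 'REQUEST_URI' => '/lib/phpunit/bootstrap.php'];
$cliRequest = ['argv' => ['bootstrap-guard.php'], 'argc' => 1];

if (requestIsFromWeb($webRequest) !== true) {
    throw new RuntimeException('web request was not rejected');
}
if (requestIsFromWeb($cliRequest) !== false) {
    throw new RuntimeException('CLI request was wrongly rejected');
}
echo "bootstrap guard OK\n";
```

Keeping the check ahead of every other statement matters: a parse or include error raised before the guard would still be rendered with the verbose settings if they were already active.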


WAF Protection Rules

WAF Rule

lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
