
CVE-2015-2272: Moodle allows attackers to bypass a forced-password-change requirement

CVSS Score: N/A

Basic Information

EPSS Score: 0.5136%
CWE: -
Published: 5/13/2022
Updated: 1/25/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: -

Package Name    Ecosystem   Vulnerable Versions   First Patched Version
moodle/moodle   composer    < 2.6.9               2.6.9
moodle/moodle   composer    >= 2.7.0, < 2.7.6     2.7.6
moodle/moodle   composer    >= 2.8.0, < 2.8.4     2.8.4

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from missing authorization checks in the token generation endpoint. The patch adds a critical check for 'auth_forcepasswordchange' user preference using get_user_preferences() before allowing token creation. In vulnerable versions, this check was absent in login/token.php, allowing users to create persistent web service tokens even when required to change their password. The main vulnerable code path is the token generation workflow in login/token.php prior to the security check being implemented.
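The following stand-alone PHP script illustrates the missing check described above; it is an added example, not Moodle's own login/token.php. It stubs get_user_preferences() over a constructed in-memory preference table, and the RuntimeException message and the service name are assumptions chosen for the illustration.

```php
<?php
// Added illustration of the CVE-2015-2272 fix; stand-alone, not Moodle code.
// Moodle's get_user_preferences() is replaced by a stub over a constructed
// in-memory preference table so the script runs without a Moodle install.

$PREFS = [                                      // constructed sample data: user id => prefs
    1 => [],                                    // ordinary user
    2 => ['auth_forcepasswordchange' => '1'],   // user who must change their password
];

function get_user_preferences(string $name, $default, object $user) {
    global $PREFS;
    return $PREFS[$user->id][$name] ?? $default;
}

// Vulnerable shape: once credentials are accepted, a token is issued without
// looking at the forced-password-change state. The token then works as a
// persistent credential even though the password is supposed to be replaced.
function issue_token_vulnerable(object $user, string $service): array {
    return ['token' => bin2hex(random_bytes(16)), 'user' => $user->id, 'service' => $service];
}

// Fixed shape: refuse to create a token while the preference is set. The check
// must use the user resolved from the submitted credentials, not a session user,
// because the token endpoint has no interactive session.
function issue_token_fixed(object $user, string $service): array {
    if (get_user_preferences('auth_forcepasswordchange', false, $user)) {
        // Assumed message; Moodle raises its own localized exception here.
        throw new RuntimeException('password change required before a web service token can be issued');
    }
    return issue_token_vulnerable($user, $service);
}

foreach ([1, 2] as $id) {
    $user = (object) ['id' => $id];
    $service = 'sample_service';   // assumed service shortname
    printf("user %d vulnerable: token issued (%s)\n", $id, issue_token_vulnerable($user, $service)['token']);
    try {
        printf("user %d fixed: token issued (%s)\n", $id, issue_token_fixed($user, $service)['token']);
    } catch (RuntimeException $e) {
        printf("user %d fixed: refused (%s)\n", $id, $e->getMessage());
    }
}
```

Running it shows user 2 receiving a token from the vulnerable path and being refused by the fixed path, which is the behaviour the patch adds.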

WAF Protection Rules

WAF Rule

login/token.php in Moodle through 2.6.8, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass a forced-password-change requirement by creating a web-services token.