CVE-2015-5341: Moodle allows attackers to read SCORM contents

CVSS Score: 4.3

Basic Information

EPSS Score: -
CWE: -
Published: 5/13/2022
Updated: 1/26/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name    Ecosystem   Vulnerable Versions    First Patched Version
moodle/moodle   composer    < 2.7.11               2.7.11
moodle/moodle   composer    >= 2.8.0, < 2.8.9      2.8.9
moodle/moodle   composer    >= 2.9.0, < 2.9.3      2.9.3

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The patch (03b1f63) explicitly adds require_once($CFG->dirroot.'/mod/scorm/locallib.php'); to scorm_pluginfile() in lib.php. This include is needed to reach scorm_get_availability_status(), which performs the date checks. Without it, the availability check is silently skipped and SCORM content is served regardless of date restrictions. The vulnerability lies in the file-serving path (pluginfile), a common vector for content access bypasses: other affected files (player.php, view.php) were patched to use the availability checks, but the root cause was the missing include in the core file-handling function.
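The access-control gap described above, as an added PHP example that is not Moodle's own code: scorm_is_available() is a hypothetical stand-in for scorm_get_availability_status(), and the 0-means-unrestricted convention for timeopen/timeclose is an assumption; the example contrasts a file-serving handler that skips the date gate with one that enforces the same gate the view path applies.

```php
<?php
// Added example, not Moodle code. Models CVE-2015-5341: the player/view
// pages checked SCORM availability dates, but the pluginfile path did not.

// Hypothetical stand-in for scorm_get_availability_status().
// Assumption: timeopen/timeclose of 0 mean "no restriction".
function scorm_is_available(object $scorm, int $now): bool {
    if ($scorm->timeopen > 0 && $now < $scorm->timeopen) {
        return false; // activity not yet open
    }
    if ($scorm->timeclose > 0 && $now >= $scorm->timeclose) {
        return false; // activity already closed
    }
    return true;
}

// Vulnerable file-serving path: no date gate, so an authenticated user who
// requests the package file directly reads it outside the allowed window.
function scorm_pluginfile_vulnerable(object $scorm, string $path, int $now): string {
    return "200 " . $path;
}

// Hardened file-serving path: enforces the same availability check the
// view/player pages apply, so every access path agrees.
function scorm_pluginfile_fixed(object $scorm, string $path, int $now): string {
    if (!scorm_is_available($scorm, $now)) {
        return "403 not available";
    }
    return "200 " . $path;
}

// Constructed sample activity: opens at t=1000, closes at t=2000.
$scorm = (object) ['timeopen' => 1000, 'timeclose' => 2000];
foreach ([500, 1500, 2500] as $now) {
    printf("t=%d vulnerable=[%s] fixed=[%s]\n", $now,
        scorm_pluginfile_vulnerable($scorm, 'content/index.html', $now),
        scorm_pluginfile_fixed($scorm, 'content/index.html', $now));
}
```

Only t=1500 should yield a 200 from the hardened handler; the vulnerable handler returns 200 for all three, which is the behaviour a regression test for this class of bug should assert against on every serving path.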
