CVE-2016-7038: Moodle Weak Password Recovery Mechanism for Forgotten Password

CVSS Score: 7.3 (CVSS v3.0)

Basic Information

EPSS Score: 0.4753%
Published: 2022-05-13
Updated: 2024-04-23
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Package Name  | Ecosystem | Vulnerable Versions | First Patched Version
moodle/moodle | composer  | >= 2.7, < 2.7.16    | 2.7.16
moodle/moodle | composer  | >= 2.9, < 2.9.8     | 2.9.8
moodle/moodle | composer  | >= 3.0, < 3.0.6     | 3.0.6
moodle/moodle | composer  | >= 3.1, < 3.1.2     | 3.1.2

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from missing token revocation when a user's password is changed or a change is forced. Web service tokens issued before the change stay valid, so anyone holding a token (for example one leaked from a mobile client or a log) keeps API access to the account even after the user or an administrator rotates the password specifically to lock them out. Core user management functions such as user_update_user and user_change_password are the natural owners of credential updates, and the security advisory (MSA-16-0022) together with the associated tracker issue MDL-49026 indicate that these code paths lacked token cleanup in the vulnerable versions. Patched versions are expected to add a token revocation step to those password update workflows (the analysis suggests a helper along the lines of external_revoke_tokens_for_user, though the exact call is not confirmed here). A practical post-upgrade check: obtain a web service token for a test account, change that account's password, and confirm the old token is now rejected.
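To make the failure mode concrete, the following is an added, self-contained model of the pattern described above; it is not Moodle code and does not call any Moodle API. The names (TokenStore, UserStore, update_password, force_password_change) are hypothetical stand-ins for whatever the real application uses. The flag revoke_tokens_on_change set to False reproduces the vulnerable behaviour (a token issued before the change still resolves); set to True it shows the hardened behaviour, where both a password change and a forced-change flag drop every token the user holds.

```python
# Model of the CVE-2016-7038 pattern: web service tokens that outlive a password
# change, beside a hardened variant that revokes them.  Constructed example for
# this page; not Moodle code.  All names (TokenStore, UserStore, ...) are
# hypothetical and stand in for whatever the real application uses.
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass

PBKDF2_ROUNDS = 50_000  # kept low for a fast demo; raise it in real code


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


@dataclass
class User:
    userid: int
    salt: bytes
    pw_hash: bytes
    force_password_change: bool = False


class TokenStore:
    """Bearer tokens for the web service API, mapped to the owning user."""

    def __init__(self) -> None:
        self._tokens: dict[str, int] = {}

    def issue(self, userid: int) -> str:
        token = secrets.token_hex(16)
        self._tokens[token] = userid
        return token

    def resolve(self, token: str) -> int | None:
        """Return the owning user, or None if the token is unknown or revoked."""
        return self._tokens.get(token)

    def revoke_for_user(self, userid: int) -> int:
        """Delete every token owned by userid; returns how many were removed."""
        doomed = [t for t, u in self._tokens.items() if u == userid]
        for t in doomed:
            del self._tokens[t]
        return len(doomed)


class UserStore:
    def __init__(self, tokens: TokenStore, revoke_tokens_on_change: bool) -> None:
        self.tokens = tokens
        # False reproduces the bug: credential updates never touch the token table.
        self.revoke_tokens_on_change = revoke_tokens_on_change
        self._users: dict[int, User] = {}

    def create_user(self, userid: int, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._users[userid] = User(userid, salt, hash_password(password, salt))

    def login(self, userid: int, password: str) -> str | None:
        """Password login; on success issue a web service token."""
        user = self._users[userid]
        if not hmac.compare_digest(user.pw_hash, hash_password(password, user.salt)):
            return None
        return self.tokens.issue(userid)

    def update_password(self, userid: int, new_password: str) -> None:
        user = self._users[userid]
        user.salt = secrets.token_bytes(16)
        user.pw_hash = hash_password(new_password, user.salt)
        user.force_password_change = False
        if self.revoke_tokens_on_change:
            self.tokens.revoke_for_user(userid)  # the missing step in the CVE

    def force_password_change(self, userid: int) -> None:
        """Admin action: the current credential is no longer trusted."""
        self._users[userid].force_password_change = True
        if self.revoke_tokens_on_change:
            self.tokens.revoke_for_user(userid)


def token_survives(revoke_tokens_on_change: bool, action: str) -> bool:
    """Does a token issued before `action` ('change' or 'force') still resolve afterwards?"""
    tokens = TokenStore()
    users = UserStore(tokens, revoke_tokens_on_change)
    users.create_user(7, "old-password")
    stolen = users.login(7, "old-password")  # the token an attacker already holds
    assert stolen is not None
    if action == "change":
        users.update_password(7, "new-password")
    elif action == "force":
        users.force_password_change(7)
    else:
        raise ValueError(action)
    return tokens.resolve(stolen) == 7


if __name__ == "__main__":
    for fixed in (False, True):
        for action in ("change", "force"):
            print(f"revoke={fixed!s:5} action={action:6} old token still valid: "
                  f"{token_survives(fixed, action)}")
```

Running the block prints four lines: with revocation disabled the stolen token survives both a password change and a forced change, which is exactly the condition the advisory describes; with revocation enabled it is rejected in both cases. The same shape works as a regression test against a real deployment, substituting a login call and an authenticated API request for the in-memory stores.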

WAF Protection Rules

WAF Rule

In Moodle 3.x and 2.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
