5.4

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-14879

GHSA ID

GHSA-g9m2-c2x5-fr2v

EPSS Score

0.43036%

CWE

CWE-273

Published

5/24/2022

Updated

8/1/2023

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2019-14879

CVE-2019-14879:
Moodle does not revoke role capabilities correctly

A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked (where applicable).

(GitHub Advisory)

5.4

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-14879

GHSA ID

GHSA-g9m2-c2x5-fr2v

EPSS Score

0.43036%

CWE

CWE-273

Published

5/24/2022

Updated

8/1/2023

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
moodle/moodle	composer	>= 3.7.0, < 3.7.3	3.7.3
moodle/moodle	composer	>= 3.6.0, < 3.6.7	3.6.7
moodle/moodle	composer	>= 3.5.0, < 3.5.9	3.5.9

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The commit diff shows critical changes in sync_all_cohort_roles() where legacy role assignment cleanup logic was added. This indicates the original implementation lacked proper revocation mechanisms when cohort role assignments were removed. The CWE-273 (Improper Check for Dropped Privileges) maps directly to this missing cleanup logic in the synchronization function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility w*s *oun* in Moo*l* v*rsions *.*.x ***or* *.*.*, *.*.x ***or* *.*.* *n* *.*.x ***or* *.*.*. W**n * *o*ort rol* *ssi*nm*nt w*s r*mov**, t** *sso*i*t** **p**iliti*s w*r* not **in* r*vok** (w**r* *ppli***l*).

Reasoning

T** *ommit *i** s*ows *riti**l ***n**s in syn*_*ll_*o*ort_rol*s() w**r* l****y rol* *ssi*nm*nt *l**nup lo*i* w*s *****. T*is in*i**t*s t** ori*in*l impl*m*nt*tion l**k** prop*r r*vo**tion m****nisms w**n *o*ort rol* *ssi*nm*nts w*r* r*mov**. T** *W*-

5.4

Basic Information

Concerned about an active attack path?

CVE-2019-14879: Moodle does not revoke role capabilities correctly

5.4

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2019-14879:
Moodle does not revoke role capabilities correctly

Vulnerability Intelligence
Miggo AI