← back
CVE-2011-4592

CVE-2011-4592

EPSS 1.4%
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=ade30ad3c420ce035a3d68287db701b70e806b3fhttp://moodle.org/mod/forum/discuss.php?d=191761https://bugzilla.redhat.com/show_bug.cgi?id=761248