CVE-2024-38275

The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://moodle.org/mod/forum/discuss.php?d=459500	Vendor Advisory
https://moodle.org/mod/forum/discuss.php?d=459500	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle:4.4.0:::::::*

History

30 Apr 2025, 23:35

Type	Values Removed	Values Added
CWE		CWE-459
References	~~() https://moodle.org/mod/forum/discuss.php?d=459500 -~~	() https://moodle.org/mod/forum/discuss.php?d=459500 - Vendor Advisory
First Time		Moodle Moodle moodle
CPE		cpe:2.3:a:moodle:moodle:4.4.0:::::::* cpe:2.3:a:moodle:moodle::::::::

Information

Published : 2024-06-18 20:15

Updated : 2025-04-30 23:35

NVD link : CVE-2024-38275

Mitre link : CVE-2024-38275

CVE.ORG link : CVE-2024-38275

JSON object : View

Products Affected

moodle

moodle

CWE

CWE-226

Sensitive Information in Resource Not Removed Before Reuse

CWE-459

Incomplete Cleanup

{"id": "CVE-2024-38275", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-06-18T20:15:13.970", "references": [{"url": "https://moodle.org/mod/forum/discuss.php?d=459500", "tags": ["Vendor Advisory"], "source": "patrick@puiterwijk.org"}, {"url": "https://moodle.org/mod/forum/discuss.php?d=459500", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-226"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-459"}]}], "descriptions": [{"lang": "en", "value": "The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs."}, {"lang": "es", "value": "El contenedor cURL en Moodle retuvo los encabezados de solicitud originales al seguir redirecciones, por lo que la informaci\u00f3n del encabezado de autorizaci\u00f3n HTTP podr\u00eda enviarse involuntariamente en solicitudes para redireccionar URL."}], "lastModified": "2025-04-30T23:35:59.790", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABC3A60E-A580-462D-9C0B-73BD92B4F5F8", "versionEndExcluding": "4.1.11"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EF79A9A-E117-44AF-BA6B-DC9620FDA8CE", "versionEndExcluding": "4.2.8", "versionStartIncluding": "4.2.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E990456-42CD-4B17-8A62-1F2ACF3B0678", "versionEndExcluding": "4.3.5", "versionStartIncluding": "4.3.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23575814-D590-4CDA-880B-E7214A53D7F5"}], "operator": "OR"}]}], "sourceIdentifier": "patrick@puiterwijk.org"}