A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2309940 | Issue Tracking |
https://moodle.org/security/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
02 Jun 2025, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* | |
First Time |
Moodle
Moodle moodle |
|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2309940 - Issue Tracking | |
References | () https://moodle.org/security/ - Vendor Advisory |
Information
Published : 2024-11-20 11:15
Updated : 2025-06-02 15:35
NVD link : CVE-2024-45691
Mitre link : CVE-2024-45691
CVE.ORG link : CVE-2024-45691
JSON object : View
Products Affected
moodle
- moodle
CWE