Bug 2243452 (CVE-2023-5550, MSA-23-0042) - CVE-2023-5550 moodle: RCE due to LFI risk in some misconfigured shared hosting environments
Summary: CVE-2023-5550 moodle: RCE due to LFI risk in some misconfigured shared hosting environments
Keywords:
Status: NEW
Alias: CVE-2023-5550, MSA-23-0042
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2244921 2244922
Blocks: 2243346
 
Reported: 2023-10-12 00:51 UTC by Robb Gatica
Modified: 2023-10-26 06:42 UTC

Fixed In Version: moodle 4.2.3, moodle 4.1.6, moodle 4.0.11, moodle 3.11.17, moodle 3.9.24
Doc Type: If docs needed, set a value
Doc Text:
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Robb Gatica 2023-10-12 00:51:05 UTC
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution. This flaw affects versions 4.2 to 4.2.2, 4.1 to 4.1.5, 4.0 to 4.0.10, 3.11 to 3.11.16, 3.9 to 3.9.23 and earlier unsupported versions.
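
The fixed-in versions above are the only concrete check a practitioner can run against an installation from this report. The following is an added example, not code from this bug or from the Moodle project: it reads the `$release` string out of a Moodle `version.php`, maps it to its release branch, and classifies it against the fixed-in list (4.2.3, 4.1.6, 4.0.11, 3.11.17, 3.9.24). The `SAMPLE_VERSION_PHP` text is constructed; the assumption that branches newer than 4.2 were released after the advisory and carry the fix is the script's, not the advisory's.

```python
"""Classify a Moodle install against the CVE-2023-5550 (MSA-23-0042) fixed-in versions.

Added example; not Moodle code. Usage: python check_msa_23_0042.py /path/to/moodle/version.php
"""
import re
import sys
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Fixed-in versions as listed in this bug report. Each one closes the affected
# range on its branch: 4.2-4.2.2, 4.1-4.1.5, 4.0-4.0.10, 3.11-3.11.16, 3.9-3.9.23.
FIXED_VERSIONS = ("4.2.3", "4.1.6", "4.0.11", "3.11.17", "3.9.24")

# Moodle's version.php carries a line such as:  $release = '4.2.2 (Build: 20230814)';
# Only the dotted numeric prefix is captured; a trailing '+' (weekly build) is ignored.
_RELEASE_RE = re.compile(r"\$release\s*=\s*'([0-9]+(?:\.[0-9]+)+)")

# Constructed sample of a vulnerable 4.2.2 install's version.php (not a real file).
SAMPLE_VERSION_PHP = (
    "<?php\n"
    "$version  = 2023042402.00;\n"
    "$release  = '4.2.2 (Build: 20230814)';\n"
    "$branch   = '402';\n"
)


def parse_version(text: str) -> Version:
    """'3.11.17' -> (3, 11, 17); Moodle writes the first release of a branch as '4.2'."""
    return tuple(int(part) for part in text.split("."))


def release_from_version_php(contents: str) -> Optional[str]:
    """Return the numeric release string from version.php, or None if absent."""
    match = _RELEASE_RE.search(contents)
    return match.group(1) if match else None


def classify(release: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unsupported' for a Moodle release string."""
    version = parse_version(release)
    branch = version[:2]  # e.g. (4, 2) for 4.2.x
    for fixed in FIXED_VERSIONS:
        fixed_version = parse_version(fixed)
        if fixed_version[:2] == branch:
            # Tuple comparison handles '4.2' (== (4, 2)) being below '4.2.3'.
            return "fixed" if version >= fixed_version else "vulnerable"
    newest_fixed_branch = parse_version(FIXED_VERSIONS[0])[:2]
    if branch > newest_fixed_branch:
        # Assumption: branches newer than 4.2 were released after the advisory
        # and already contain the fix.
        return "fixed"
    # Falls under "earlier unsupported versions" in the advisory: treat as affected.
    return "unsupported"


def check_version_php(contents: str) -> str:
    """Classify the contents of a version.php; 'unknown' if no $release line is found."""
    release = release_from_version_php(contents)
    if release is None:
        return "unknown"
    return classify(release)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            contents = fh.read()
    else:
        contents = SAMPLE_VERSION_PHP
    print(release_from_version_php(contents), check_version_php(contents))
```

Two caveats when reading the result: a weekly build such as `4.2.2+` may already contain the fix even though it classifies as vulnerable here, and a "fixed" result only removes the Moodle side of the issue. The precondition in the description, a shared host that lets one tenant read or write another tenant's files outside the Moodle webroot, is a hosting misconfiguration that a version check cannot detect.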

Comment 3 Nick Tait 2023-10-18 20:47:31 UTC
Created moodle tracking bugs for this issue:

Affects: epel-7 [bug 2244921]
Affects: fedora-all [bug 2244922]

