vulnerability
Moodle: (CVE-2017-1000071): MSA-17-0016: Authentication bypass vulnerability with old CAS servers
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 17, 2017 | Sep 19, 2017 | Jan 12, 2023 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jul 17, 2017
Added
Sep 19, 2017
Modified
Jan 12, 2023
Description
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
Solution
moodle-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.