CVE-2024-43430

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 11, 2024

Updated: Nov 12, 2024

CWE ID 276

Summary

CVE-2024-43430 represents a vulnerability in Moodle, an open-source learning management system. The issue involves a flaw in the Quiz module's external API, which can lead to insufficient access control being overridden. An attacker may exploit this weakness to gain unauthorized access and manipulate quiz data or settings, potentially impacting the security and integrity of learning content. This vulnerability underscores the importance of maintaining software up-to-date and implementing proper access control measures to mitigate the risk of unintended consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x6lBzo
https://www.cve.org/CVERecord?id=CVE-2024-43430
https://nvd.nist.gov/vuln/detail/CVE-2024-43430

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners

CVE-2024-43430

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations