VulnerableCode Vulnerability Details - VCID-z91y-78kj-dufr

Search for vulnerabilities

Vulnerability details: VCID-z91y-78kj-dufr

Essentials
Severities (14)
References (13)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-z91y-78kj-dufr
Aliases	CVE-2015-3179 GHSA-4ppg-2mx6-fqx9
Summary	Moodle allows attackers to bypass intended login restrictions login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.
Status	Published
Exploitability	0.5
Weighted Severity	2.7
Risk	1.4
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264	Permissions, Privileges, and Access Controls
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	LOW	http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090
generic_textual	LOW	http://openwall.com/lists/oss-security/2015/05/18/1
epss	0.00328	https://api.first.org/data/v1/epss?cve=CVE-2015-3179
epss	0.00328	https://api.first.org/data/v1/epss?cve=CVE-2015-3179
cvssv3.1_qr	LOW	https://github.com/advisories/GHSA-4ppg-2mx6-fqx9
generic_textual	LOW	https://github.com/moodle/moodle
generic_textual	LOW	https://github.com/moodle/moodle/commit/78ec6751fc57bb17bb67c26870fea396390b9937
generic_textual	LOW	https://github.com/moodle/moodle/commit/811ae9f082697495248c6c87ec80aeaf88c851fc
generic_textual	LOW	https://github.com/moodle/moodle/commit/98c38993fd6cbd78bf5819c68c55fcfded6467c0
generic_textual	LOW	https://github.com/moodle/moodle/commit/f236dcc35c3595dfcc77932d84660056e982a310
generic_textual	LOW	https://moodle.org/mod/forum/discuss.php?d=313686
generic_textual	LOW	https://nvd.nist.gov/vuln/detail/CVE-2015-3179
generic_textual	LOW	https://web.archive.org/web/20200228054915/http://www.securityfocus.com/bid/74725
generic_textual	LOW	https://web.archive.org/web/20200501000000*/http://www.securitytracker.com/id/1032358

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090
		http://openwall.com/lists/oss-security/2015/05/18/1
		https://api.first.org/data/v1/epss?cve=CVE-2015-3179
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/78ec6751fc57bb17bb67c26870fea396390b9937
		https://github.com/moodle/moodle/commit/811ae9f082697495248c6c87ec80aeaf88c851fc
		https://github.com/moodle/moodle/commit/98c38993fd6cbd78bf5819c68c55fcfded6467c0
		https://github.com/moodle/moodle/commit/f236dcc35c3595dfcc77932d84660056e982a310
		https://moodle.org/mod/forum/discuss.php?d=313686
		https://nvd.nist.gov/vuln/detail/CVE-2015-3179
		https://web.archive.org/web/20200228054915/http://www.securityfocus.com/bid/74725
		https://web.archive.org/web/20200501000000*/http://www.securitytracker.com/id/1032358
GHSA-4ppg-2mx6-fqx9		https://github.com/advisories/GHSA-4ppg-2mx6-fqx9

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.54989
EPSS Score	0.00328
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:30:32.268637+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4ppg-2mx6-fqx9/GHSA-4ppg-2mx6-fqx9.json	36.1.3