CVE-2017-1000151

EUVD-2017-1436
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
maharamahara
15.04:rc1
maharamahara
15.04:rc2
maharamahara
15.04.0
maharamahara
15.04.1
maharamahara
15.04.2
maharamahara
15.04.3
maharamahara
15.04.4
maharamahara
15.04.5
maharamahara
15.04.6
maharamahara
15.04.7
maharamahara
15.04.8
maharamahara
16.04:rc1
maharamahara
16.04:rc2
maharamahara
16.04.0
maharamahara
16.04.1
maharamahara
16.04.2
maharamahara
15.10.0
maharamahara
15.10.1
maharamahara
15.10.2
maharamahara
15.10.3
maharamahara
15.10.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bugs.launchpad.net/mahara/+bug/1570221
https://bugs.launchpad.net/mahara/+bug/1570221