UBUNTU-CVE-2015-5266
- Source
- https://ubuntu.com/security/CVE-2015-5266
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-5266.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-5266
- Upstream
- Withdrawn
- 2025-07-18T16:43:15Z
- Published
- 2016-02-22T05:59:00Z
- Modified
- 2025-07-16T07:33:08.947569Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
The enrolmetasync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-running sync script.
- References
Affected packages
Ubuntu:16.04:LTS / moodle
Package
- Name
- moodle
- Purl
- pkg:deb/ubuntu/moodle@3.0.3+dfsg-0ubuntu1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.3+dfsg-0ubuntu1
Ubuntu:18.04:LTS / moodle
Package
- Name
- moodle
- Purl
- pkg:deb/ubuntu/moodle@3.0.3+dfsg-0ubuntu1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.3+dfsg-0ubuntu1