CVE-2015-3179 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-3179 Interim 1 3 2021-06-09T09:36:10Z current 2021-05-30T13:29:29Z 2021-06-09T09:36:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-3179 login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account. CVE-2015-3179 moderate 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N