CVE-2015-5267 — Moodle uses predictable password-recovery tokens

Description

lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mt_rand function to implement the random_string and complex_random_string functions, which makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.

How to fix CVE-2015-5267

To remediate CVE-2015-5267, upgrade the affected package to a fixed version below.

—upgrade to 2.7.10 or later

Is CVE-2015-5267 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 2.7.10

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (10)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2015-5267
PATCHgithub.com/moodle/moodle
WEBgit.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860
WEBgithub.com/moodle/moodle/commit/289bc7f9e3022918b4cfd2cc9851472f0cea2896