{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T07:16:12.520","vulnerabilities":[{"cve":{"id":"CVE-2021-32474","sourceIdentifier":"secalert@redhat.com","published":"2022-03-11T18:15:15.610","lastModified":"2024-11-21T06:07:06.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected."},{"lang":"es","value":"Se presentaba un riesgo de inyección SQL en sitios con MNet habilitado y configurado, por medio de una llamada XML-RPC desde el host par conectado. Tenga en cuenta que esto requería el acceso del administrador del sitio o el acceso al par de claves. Moodle versiones 3.10 a 3.10.3, 3.9 a 3.9.6, 3.8 a 3.8.8, 3.5 a 3.5.17 y versiones anteriores no soportadas están afectadas"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.18","matchCriteriaId":"DC7FEAAE-8FC0-40B0-84FB-3CA71F17D168"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8.0","versionEndExcluding":"3.8.9","matchCriteriaId":"89DD1B48-BE48-4940-B842-4C0DEE262652"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.9.0","versionEndExcluding":"3.9.7","matchCriteriaId":"825E9485-D5B2-4427-8BE6-FBD6EDCD600F"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.0","versionEndExcluding":"3.10.4","matchCriteriaId":"E89E37F5-501F-4BBB-B029-113710C77AFC"}]}]}],"references":[{"url":"https://moodle.org/mod/forum/discuss.php?d=422308","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=422308","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}