{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Moodle versions 2.2 \u00e0 2.2.1+ ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle versions 2.0 \u00e0 2.0.7+ ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle versions 1.9 \u00e0 1.9.16+.","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle versions 2.1 \u00e0 2.1.4+ ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Moodle. Leur\nexploitation, qui n\u00e9cessite parfois des droits particuliers, permet de\ncontourner certains m\u00e9canismes de s\u00e9curit\u00e9 et d'acc\u00e9der \u00e0 des\ninformations prot\u00e9g\u00e9es.\n\n## Solution\n\nMettre Moodle \u00e0 jour en version 1.9.17, 2.0.8, 2.1.5 ou 2.2.2.\n","cves":[{"name":"CVE-2012-1155","url":"https://www.cve.org/CVERecord?id=CVE-2012-1155"},{"name":"CVE-2012-1156","url":"https://www.cve.org/CVERecord?id=CVE-2012-1156"},{"name":"CVE-2012-1169","url":"https://www.cve.org/CVERecord?id=CVE-2012-1169"},{"name":"CVE-2012-1157","url":"https://www.cve.org/CVERecord?id=CVE-2012-1157"},{"name":"CVE-2012-1158","url":"https://www.cve.org/CVERecord?id=CVE-2012-1158"},{"name":"CVE-2012-1160","url":"https://www.cve.org/CVERecord?id=CVE-2012-1160"},{"name":"CVE-2012-1161","url":"https://www.cve.org/CVERecord?id=CVE-2012-1161"},{"name":"CVE-2012-1168","url":"https://www.cve.org/CVERecord?id=CVE-2012-1168"},{"name":"CVE-2012-1170","url":"https://www.cve.org/CVERecord?id=CVE-2012-1170"}],"links":[{"title":"Bulletins de s\u00e9curit\u00e9 Moodle MSA-12-0013 \u00e0 MSA-12-0023 du    19 mars 2012 :","url":"http://moodle.org/mod/forum/view.php?f=996&showall=1"}],"reference":"CERTA-2012-AVI-163","revisions":[{"description":"version initiale.","revision_date":"2012-03-22T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">Moodle</span>\npermettent de contourner la politique de s\u00e9curit\u00e9 et d'acc\u00e9der \u00e0 des\ninformations th\u00e9oriquement prot\u00e9g\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Moodle","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Moodle du 19 mars 2012","url":null}]}