<\/p>\n\n\n\n
Gravedad: Alta
Fecha de publicaci\u00f3n: Septiembre 23, 2020
\u00daltima revisi\u00f3n: Septiembre 23, 2020
Portal: https:\/\/moodle.org\/
Sistemas Afectados: Diversas vulnerabilidades que afectan a todas las versiones del gestor de aprendizaje Moodle. <\/p>\n\n\n\n
I.Descripci\u00f3n
Moodle ha publicado una actualizaci\u00f3n de seguridad que soluciona 5 vulnerabilidades, 3 de ellas de severidad alta y 2 de severidad baja.
<\/p>\n\n\n\n
II.Impacto
Las vulnerabilidades involucradas podr\u00edan provocar ataques de denegaci\u00f3n de servicio, Cross-site scripting (XSS) y escalada de privilegios.
<\/p>\n\n\n\n
III. Referencia a soluciones, herramientas e informaci\u00f3n
Se recomienda actualizar el gestor Moodle a la \u00faltima versi\u00f3n disponible, mediante su sitio oficial:
Actualizar a la versi\u00f3n Moodle 3.9.2, Enlace: https:\/\/download.moodle.org\/
Actualizar a la versi\u00f3n Moodle 3.8.5, Enlace: https:\/\/download.moodle.org\/releases\/supported\/
Actualizar a la versi\u00f3n Moodle 3.7.8 y 3.5.14, Enlace: https:\/\/download.moodle.org\/releases\/security\/<\/p>\n\n\n\n
Fuentes:
\nMoodle. Moodle 3.9.2 and other minors released. Sander Bangma. 14 de septiembre de 2020. Recopilado en: https:\/\/moodle.org\/news\/
\nInstituto Nacional de Ciberseguridad (INCIBE). 22 de septiembre del 2020. Vulnerabilidades. Recopilado en: https:\/\/www.incibe.es\/protege-tu-empresa\/avisos-seguridad\/corregidas-varias-vulnerabilidades-moodle-0<\/p>\n\n\n\n
Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"
Gravedad: Alta Fecha de publicaci\u00f3n: Septiembre 23, 2020 \u00daltima revisi\u00f3n: Septiembre 23, 2020 Portal: https:\/\/moodle.org\/ Sistemas Afectados: Diversas vulnerabilidades que afectan a todas las versiones del gestor de aprendizaje Moodle. I.Descripci\u00f3n Moodle ha publicado una…<\/p>\n","protected":false},"author":4,"featured_media":2299,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[72,128,68],"class_list":["post-2355","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-avisos-de-seguridad","tag-moodle","tag-vulnerabilidades"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2355","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2355"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2355\/revisions"}],"predecessor-version":[{"id":2357,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2355\/revisions\/2357"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/2299"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2355"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2355"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}