Incorrect Calculation
CVE-2022-30600
Summary
A flaw was found in moodle prior to 3.9.14, 3.10.x prior to 3.10.11, 3.11.x prior to 3.11.7 and 4.0.x prior to 4.0.1 where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-682 - Incorrect Calculation
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Advisory Timeline
- Published