Skip to main content

Incorrect Calculation


Severity High
Score 9.8/10


A flaw was found in moodle prior to 3.9.14, 3.10.x prior to 3.10.11, 3.11.x prior to 3.11.7 and 4.0.x prior to 4.0.1 where logic used to count failed login attempts could result in the account lockout threshold being bypassed.

  • LOW
  • HIGH
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-682 - Incorrect Calculation

The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

Advisory Timeline

  • Published