Launchpad CVE tracker

CVE 2019-9708

An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. A site administrator can suspend the system user (root), causing all users to be locked out from the system.

Related bugs and status

CVE-2019-9708 (Candidate) is related to these bugs:

Bug #1817221: A site admin can access Mahara 'root' user and break the site

		In	Importance	Status
1817221	A site admin can access Mahara 'root' user and break the site	Mahara	High	Fix Released
1817221	A site admin can access Mahara 'root' user and break the site	Mahara 17.10	High	Fix Released
1817221	A site admin can access Mahara 'root' user and break the site	Mahara 18.04	High	Fix Released
1817221	A site admin can access Mahara 'root' user and break the site	Mahara 19.04	High	Fix Released
1817221	A site admin can access Mahara 'root' user and break the site	Mahara 18.10	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.launchpad...
CONFIRM: https://mahara.org/int...

Launchpad.net

CVE 2019-9708

Related bugs and status

Related bugs

References