CVE-2024-45690 identifies a critical access control vulnerability in Moodle, an open-source learning management system widely used globally. The flaw stems from insufficient validation checks when users attempt to delete OAuth2-linked accounts. Specifically, Moodle versions 0, 4.2, 4.3, and 4.4 do not enforce proper restrictions to ensure that only the owner of an OAuth2-linked account can delete it. This lack of verification allows an unauthenticated attacker to delete OAuth2-linked accounts belonging to other users, compromising the integrity of user account data. The vulnerability is classified under CWE-276 (Incorrect Default Permissions) and has a CVSS v3.1 base score of 7.5, indicating high severity. The attack vector is network-based (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making exploitation feasible remotely without authentication or user involvement. Although no exploits have been reported in the wild yet, the potential for abuse exists, especially in environments where OAuth2 is heavily used for authentication and account linking. The vulnerability does not directly impact confidentiality or availability but can disrupt user account integrity and trust in the system. The absence of published patches at the time of disclosure necessitates immediate attention from administrators to implement compensating controls and monitor system logs for unauthorized account deletions.

The primary impact of CVE-2024-45690 is on the integrity of user accounts within Moodle installations. Unauthorized deletion of OAuth2-linked accounts can lead to loss of linked authentication credentials, potentially locking users out or forcing them to re-establish account connections. This can disrupt user access and degrade trust in the platform's account management. For organizations relying on Moodle for critical educational or training services, such disruptions can affect operational continuity and user experience. Although confidentiality and availability are not directly compromised, the integrity breach can facilitate further attacks if attackers manipulate account linkages to escalate privileges or impersonate users. The ease of exploitation without authentication or user interaction increases the risk of automated or mass exploitation attempts, especially in large Moodle deployments. The lack of known exploits currently limits immediate widespread impact, but the vulnerability remains a significant risk until patched or mitigated.

To mitigate CVE-2024-45690, organizations should immediately verify and restrict permissions related to OAuth2 account deletion, ensuring that only authenticated users can delete their own linked accounts. Until official patches are released, administrators should implement strict access control policies and audit logs to detect unauthorized deletion attempts. Network-level protections such as web application firewalls (WAFs) can be configured to monitor and block suspicious requests targeting OAuth2 account management endpoints. Additionally, organizations should educate users about potential account management anomalies and encourage prompt reporting of access issues. Regularly updating Moodle to the latest secure versions once patches become available is critical. Where possible, temporarily disabling OAuth2 account deletion functionality or requiring additional authentication factors for such actions can reduce risk. Finally, monitoring threat intelligence feeds for exploit developments related to this CVE will help maintain situational awareness.