Improper access control in Joomla! - CVE-2017-11364
Published: July 25, 2017
Vulnerability identifier: #VU7590
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-11364
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Joomla!
Affected software:
Joomla!
Joomla!
Detailed vulnerability description
The vulnerability allows a remote attacker to gain control to affected system.
The vulnerability exists within the ownership verification process in CMS installer application. A remote attacker can gain unauthorized control over the affected application.
The vulnerability does not affect already installed web sites.
The vulnerability exists within the ownership verification process in CMS installer application. A remote attacker can gain unauthorized control over the affected application.
The vulnerability does not affect already installed web sites.
How to mitigate CVE-2017-11364
Update to version 3.7.4.