Joomla! Password Reset Security Bypass Vulnerability
BID:50736
Info
| Bugtraq ID: | 50736 |
| Class: | Design Error |
| CVE: | CVE-2011-4321 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 21 2011 12:00AM |
| Updated: | Nov 21 2011 12:00AM |
| Credit: | Gregor Kopf and David Jardin |
| Vulnerable: | Joomla 1.5.24, 1.5.22, 1.5.21, 1.5.20, 1.5.19, 1.5.18, 1.5.17, 1.5.16, 1.5.15, 1.5.14, 1.5.13, 1.5.12, 1.5.11, 1.5.10, 1.5.9, 1.5.8, 1.5.7, 1.5.6, 1.5.5, 1.5.4, 1.5.3, 1.5.2, 1.5.1, 1.5 |
| Not Vulnerable: | Joomla 1.5.25 |
Discussion
Joomla! is prone to a security-bypass vulnerability.
An attacker can exploit this issue to change a user's password, thereby aiding in further attacks.
Joomla! versions prior to 1.5.25 are vulnerable.
Exploit / POC
Attackers can exploit this issue through a browser.
Solution / Fix
Solution:
The vendor has released updates. Please see the references for details.
References
References:
- [20111103] - Core - Password Change (Joomla!)
- Joomla! Homepage (Joomla!)