
Vulnerability in Joomla Could Allow Remote Code Execution

MS-ISAC ADVISORY NUMBER:

2015-150

DATE(S) ISSUED:

12/14/2015

OVERVIEW:

A vulnerability has been discovered in Joomla, which could result in arbitrary code execution. Joomla is an open source content management system for websites. This vulnerability can be exploited by an attacker sending a maliciously crafted packet to a vulnerable server.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions, or cause denial-of-service conditions.

THREAT INTELLIGENCE:

Reports indicate that this vulnerability is being actively exploited in the wild.

SYSTEMS AFFECTED:

  • Joomla versions between 1.5 and 3.4.5.

RISK:

Government:
  • Large and medium government entities: HIGH
  • Small government entities: HIGH
Businesses:
  • Large and medium business entities: HIGH
  • Small business entities: HIGH
Home Users:
  • LOW

TECHNICAL SUMMARY:

This vulnerability may be exploited by a remote attacker sending a maliciously crafted packet to a vulnerable server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code in the context of the application, obtain sensitive information, bypass security restrictions, or cause denial-of-service conditions.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate patches provided by Joomla to vulnerable Joomla 3.X systems immediately after appropriate testing.
  • Apply appropriate hotfixes provided by Joomla to vulnerable Joomla 1.5.X and 2.5.X systems immediately after appropriate testing.
  • Verify that no unauthorized system modifications have occurred on the system before applying the patch or hotfix.
  • Monitor intrusion detection systems for any signs of anomalous activity.
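The following is an added example, not part of the MS-ISAC advisory: a small inventory triage script that checks an installed Joomla version against the affected range stated above (1.5 through 3.4.5) and maps it to the remediation the advisory recommends (patch for 3.X, hotfix for 1.5.X and 2.5.X). The hostnames and versions in the sample inventory are constructed.

```python
import re

# Affected range as stated in the advisory (inclusive on both ends).
AFFECTED_MIN = (1, 5, 0)   # first affected release
AFFECTED_MAX = (3, 4, 5)   # last affected release


def parse_version(ver: str) -> tuple:
    """Turn '3.4.5' into (3, 4, 5); '1.5' pads to (1, 5, 0).

    Non-numeric suffixes such as '3.4.5-rc1' are ignored for comparison.
    """
    parts = []
    for piece in ver.strip().split(".")[:3]:
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(ver: str) -> bool:
    """True when the version falls inside the advisory's affected range."""
    return AFFECTED_MIN <= parse_version(ver) <= AFFECTED_MAX


def remediation(ver: str) -> str:
    """Map one installed version to the action the advisory recommends."""
    if not is_affected(ver):
        return "not affected"
    if parse_version(ver)[0] == 3:
        return "apply Joomla 3.x patch"
    return "apply Joomla 1.5.x/2.5.x hotfix"


def triage(inventory: dict) -> dict:
    """Return {host: action} for an inventory of {host: version}."""
    return {host: remediation(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "www-01": "3.4.5",
    "www-02": "3.4.6",
    "intranet": "2.5.28",
    "legacy": "1.5.26",
    "archive": "1.0.15",
}

if __name__ == "__main__":
    for host, action in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {action}")
```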
