PT-2014-7313 · Open Source Matters · Joomla!

Published

2014-10-08

Updated

2014-10-09

CVE-2014-6632

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Joomla! versions 2.5.x through 2.5.24 Joomla! versions 3.x through 3.2.3 Joomla! versions 3.3.x through 3.3.3

Description The issue allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.

Recommendations For Joomla! versions 2.5.x through 2.5.24, update to version 2.5.25 or later. For Joomla! versions 3.x through 3.2.3, update to version 3.2.4 or later. For Joomla! versions 3.3.x through 3.3.3, update to version 3.3.4 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2014-6632

Affected Products

Joomla!

PT-2014-7313 · Open Source Matters · Joomla!

CVE-2014-6632

Weakness Enumeration

Related Identifiers

Affected Products

References · 5