Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access

ITS Advisory Number: 2015-134
Date(s) Issued: Friday, November 13, 2015
Subject: Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access
Overview: 

Vulnerabilities have been discovered in Joomla versions 3.0 through 3.4.4. Joomla is a popular open-source Content Management System (CMS). The SQL injection vulnerability enables an unauthorized remote user to gain administrator privileges by hijacking the administrator session. Following exploitation of the vulnerability, the attacker may gain full control of the web site and execute additional attacks.


Systems Affected: 
  • Joomla CMS versions 3.0.0 through 3.4.4
RISK
GOVERNMENT
Large and medium government entities: High
Small government entities: High
BUSINESS
Large and medium business entities: High
Small business entities: High
Home Users: N/A
Description: 

Vulnerabilities have been discovered in Joomla versions 3.0 through 3.4.4. The details are as follows:

  • Inadequate filtering of request data leads to a SQL Injection vulnerability. CVE-2015-7297, CVE-2015-7857, CVE-2015-7858
  • Inadequate ACL checks in com_contenthistory provide potential read access to data which should be access restricted. CVE-2015-7859
  • Inadequate ACL checks in com_content provide potential read access to data which should be access restricted. CVE-2015-7899
Actions: 
  • Update vulnerable systems running Joomla immediately after appropriate testing.
  • Deploy network intrusion detection systems (NIDS) to detect and block attacks and anomalous activity, such as crafted requests containing suspicious URI sequences.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.