Multiple Vulnerabilities in Joomla Could Allow for Security Bypass

ITS Advisory Number: 2016-183
Date(s) Issued: Wednesday, October 26, 2016
Subject: Multiple Vulnerabilities in Joomla Could Allow for Security Bypass
Overview:

Multiple vulnerabilities have been discovered in Joomla, the most severe of which could allow for security bypass. Joomla is an open source content management system for websites. Successful exploitation of these vulnerabilities could allow an attacker to create a user account on a website that has disabled account creation, or create a user account with escalated privileges.

Systems Affected:
  • Joomla prior to version 3.6.4

RISK
GOVERNMENT
  • Large and medium government entities: High
  • Small government entities: Medium
BUSINESS
  • Large and medium business entities: High
  • Small business entities: Medium
HOME USERS
  • Home users: Low
Description: 

Multiple vulnerabilities have been discovered in Joomla! Core, the most severe of which could result in security bypass. Details of the vulnerabilities are as follows:

  • Incorrect use of unfiltered data allows users to register on a site with elevated privileges. (CVE-2016-8869)
  • Inadequate checks allow users to register on a site when registration has been disabled. (CVE-2016-8870)

Successful exploitation of these vulnerabilities could allow an attacker to create a user account on a website that has disabled account creation, or create a user account with escalated privileges.

Actions: 
  • After appropriate testing, apply patches provided by Joomla! to vulnerable systems.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  • Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
  • Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.
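To act on the "Systems Affected" entry and the first action item, an administrator first needs to know whether each Joomla install predates 3.6.4. The following added example (not code from this advisory or from the Joomla project) parses the version constants from a Joomla 3.x version.php file and reports whether the install is affected; the file path libraries/cms/version/version.php and the constant layout are assumptions about Joomla's layout, and the sample file content is constructed for the demonstration.

```python
import re
from typing import Optional, Tuple

# Release that fixed CVE-2016-8869 and CVE-2016-8870 (from the advisory).
FIXED_VERSION = (3, 6, 4)

# Constructed sample in the layout of Joomla 3.x's libraries/cms/version/version.php
# (assumed path and layout; not copied from Joomla).
SAMPLE_VERSION_PHP = """<?php
final class JVersion
{
    const PRODUCT = 'Joomla!';
    const RELEASE = '3.6';
    const DEV_LEVEL = '3';
    const DEV_STATUS = 'Stable';
}
"""

# Matches `const NAME = 'value';` or `const NAME = 3;` (quotes optional).
_CONST = re.compile(r"const\s+(\w+)\s*=\s*['\"]?([^'\";\s]+)")

def parse_joomla_version(php_source: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from version.php text, or None if unparseable.
    Handles RELEASE/DEV_LEVEL (3.x) and MAJOR_VERSION/MINOR_VERSION/PATCH_VERSION."""
    consts = dict(_CONST.findall(php_source))
    try:
        if all(k in consts for k in ("MAJOR_VERSION", "MINOR_VERSION", "PATCH_VERSION")):
            return tuple(int(consts[k]) for k in ("MAJOR_VERSION", "MINOR_VERSION", "PATCH_VERSION"))
        major, minor = consts["RELEASE"].split(".")
        return (int(major), int(minor), int(consts["DEV_LEVEL"]))
    except (KeyError, ValueError):
        return None

def is_affected(version: Tuple[int, int, int]) -> bool:
    """True when the version predates the fix. Tuple comparison avoids the
    string-compare trap where '3.10.0' would sort before '3.6.4'."""
    return version < FIXED_VERSION

def check_version_file(php_source: str) -> str:
    """One-line verdict suitable for an inventory report."""
    version = parse_joomla_version(php_source)
    if version is None:
        return "unknown: could not parse version constants"
    label = ".".join(map(str, version))
    verdict = "AFFECTED, apply the Joomla 3.6.4 update" if is_affected(version) else "not affected"
    return f"{label}: {verdict}"

if __name__ == "__main__":
    print(check_version_file(SAMPLE_VERSION_PHP))
```

Run it against the real version.php of each install (for example by reading the file and passing its contents to check_version_file) to build a patch list before applying the update.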