CVE-2016-9081

Опубликовано: 23 янв. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.

Ссылки

http://www.securityfocus.com/bid/93969
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/661-20161003-core-account-modifications.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93969
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/661-20161003-core-account-modifications.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:joomla:joomla\!:3.4.4:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.4.5:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.4.6:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.4.7:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.4.8:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.4.8:rc:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:beta:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:beta2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:beta3:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:beta4:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:beta5:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:rc:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:rc2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:rc3:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.0:rc4:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.1:rc:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.5.1:rc2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:alpha:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:beta1:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:rc:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.1:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.1:rc1:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.1:rc2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.2:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.3:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.3:rc1:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.3:rc2:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.6.3:rc3:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00213

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-jp5w-c8p9-mq89