Outbreak Alert

Joomla! CMS Improper Access Check Vulnerability

Released: Mar 10, 2023

Medium Severity

Joomla Platform

High target vulnerability leading to disclosure of sensitive information

An attack attempt to exploit an Improper Access Vulnerability in Joomla! CMS. The vulnerability is due to improper access control. Successful exploitation could lead to unauthorized access of sensitive information in the application. According to the vendor, the impact of exploitation of this flaw is critical. Learn More »

Common Vulnerabilities and Exposures

CVE-2023-23752

Background

Joomla! is a free and open-source content management system (CMS) for publishing web content. Joomla's content management system, is developed using PHP language and MySQL database, and can run on various platforms such as Linux, Windows, and MacOSX. Joomla! CMS versions 4.0.0-4.2.7 is vulnerable to improper access check in webservice endpoints which may eventually leads to the disclosure of sensitive information such as account information, usernames or passwords.

Threat Radar Overall Score:

	CVSS Rating	5.0
	FortiRecon Score	92/100
	Known Exploited	Yes
	Exploit Prediction Score	95.21%
	FortiGuard Telemetry	28756

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.

February 13, 2023: Issue was reported to Joomla! by Zewei Zhang from NSFOCUS TIANJI Lab.
February 16, 2023: Version 4.2.8 released by the Vendor which provided fix for CVE-2023-23752.

March 9, 2023: FortiGuard labs is seeing high IPS detections since a public exploit code is released and recommends admins to update the vulnerable Joomla! versions to 4.2.8 or above. https://downloads.joomla.org/

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.

PROTECT

Decoy VM
IPS
Application Firewall

DETECT

Outbreak Detection
Threat Hunting

RESPOND

Assisted Response Services
Automated Response

RECOVER

InfoSec Services

IDENTIFY

Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

Loading ...

Indicators of compromise
IOC Indicator List

Indicator	Type	Status
212.60.5.129	ip	Active
dns-supports.online	domain	Active
updates.wiki	domain	Active
windows.updates.wiki	domain	Active

References

Sources of information in support and relation to this Outbreak and vendor.

Joomla Security Centre

Learn More »

About FortiGuard Outbreak Alerts

Learn More »

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners