High target vulnerability leading to disclosure of sensitive information
Attackers are attempting to exploit an improper access vulnerability in Joomla! CMS. The vulnerability is due to improper access control. Successful exploitation could lead to unauthorized access to sensitive information in the application. According to the vendor, the impact of exploitation of this flaw is critical.
Common Vulnerabilities and Exposures
Background
Joomla! is a free and open-source content management system (CMS) for publishing web content. It is developed in PHP with a MySQL database and runs on various platforms such as Linux, Windows, and macOS. Joomla! CMS versions 4.0.0-4.2.7 are vulnerable to an improper access check in web service endpoints, which may eventually lead to the disclosure of sensitive information such as account information, usernames or passwords.
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
February 13, 2023: Issue was reported to Joomla! by Zewei Zhang from NSFOCUS TIANJI Lab.
February 16, 2023: The vendor released version 4.2.8, which provided a fix for CVE-2023-23752.
March 9, 2023: FortiGuard Labs has been seeing high IPS detections since public exploit code was released, and recommends that admins update vulnerable Joomla! versions to 4.2.8 or above. https://downloads.joomla.org/
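A local audit sketch for the update recommendation above, added here as an example and not FortiGuard's or Joomla's code: it walks a directory of webroots, reads each install's core manifest and flags versions inside the advisory's 4.0.0-4.2.7 range. The manifest path, the status labels and the sample tree are assumptions constructed for illustration; pre-release or unparsable versions are reported as unknown because the advisory does not cover them.

```python
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Range stated in the advisory: 4.0.0 through 4.2.7 affected, fixed in 4.2.8.
FIRST_AFFECTED = (4, 0, 0)
FIRST_FIXED = (4, 2, 8)
# Assumption: core manifest location inside a Joomla 4 install.
MANIFEST = "administrator/manifests/files/joomla.xml"


def classify(version_text):
    """Return 'affected', 'outside-range', or 'unknown' (needs manual review)."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", (version_text or "").strip())
    if m is None:
        return "unknown"  # missing, malformed, or pre-release such as 4.3.0-beta1
    v = tuple(int(part) for part in m.groups())
    return "affected" if FIRST_AFFECTED <= v < FIRST_FIXED else "outside-range"


def audit(root):
    """Map each Joomla install directory under root to (version, status)."""
    results = {}
    for manifest in sorted(Path(root).rglob(MANIFEST)):
        try:
            version = ET.parse(manifest).getroot().findtext("version")
        except (ET.ParseError, OSError):
            version = None  # unreadable manifest is reported as unknown
        results[str(manifest.parents[3])] = (version, classify(version))
    return results


def build_sample_tree(root, versions):
    """Constructed sample data: fake webroots holding minimal manifests."""
    for name, version in versions.items():
        path = Path(root) / name / MANIFEST
        path.parent.mkdir(parents=True)
        path.write_text(f"<extension><version>{version}</version></extension>")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp, {"blog": "4.2.7", "shop": "4.2.8", "dev": "4.3.0-beta1"})
        for site, (version, status) in audit(tmp).items():
            print(f"{status:14} {str(version):12} {site}")
```

Point `audit()` at the directory that holds your webroots; any install reported as affected should be updated to 4.2.8 or above.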
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- Decoy VM
- IPS
- Application Firewall
- Outbreak Detection
- Threat Hunting
- Assisted Response Services
- Automated Response
- InfoSec Services
- Attack Surface Monitoring (Inside & Outside)
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
References
Sources of information in support and relation to this Outbreak and vendor.