Byte Open Security
(ByteOS Network)
CVE Vulnerability Details: CVE-2024-40749
State: PUBLISHED
Assigner: Joomla
Assigner Org ID: 6ff30186-7fb7-4ad9-be33-533e7b05e586
Published At: 07 Jan, 2025 | 16:22
Updated At: 08 Jan, 2025 | 14:46
Rejected At: -
CVE Numbering Authority (CNA)
[20250103] - Core - Read ACL violation in multiple core views
Improper Access Controls allows access to protected views.
Affected Products
Vendor: Joomla! Project
Product: Joomla! CMS
Default Status: unaffected
Affected Versions:
3.9.0-3.10.19
4.0.0-4.4.9
5.0.0-5.2.2
Problem Types
Type: CWE
CWE ID: CWE-284
Description: CWE-284 Improper Access Control
Impacts
CAPEC ID: CAPEC-1
Description: CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Credits
finder: Dominik Ziegelmüller
References
Hyperlink: https://developer.joomla.org/security-centre/956-20250103-core-read-acl-violation-in-multiple-core-views.html
Resource: vendor-advisory
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Metrics
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N