HTTP: Joomla! CMS Policy Bypass and Privilege Escalation

This signature detects attempts to exploit a known vulnerability in the Joomla! CMS. An attacker can leverage the lack of sufficient input validation in the deprecated function to register with elevated privileges.

Extended Description

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting.

Affected Products

Joomla joomla!

Short Name: HTTP:PHP:JOOMLA-PB-PE
Severity: Major
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: Bypass CMS CVE-2016-8869 CVE-2016-8870 Escalation Joomla! Policy Privilege and
Release Date: 11/14/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3809
False Positive: Rarely
Vendors

Joomla

CVSS Score

7.5

6.8
