CVE-2021-26038 - OpenCVE

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Joomla	Joomla\!

Configuration 1 [-]

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

References

Link	Resource
https://developer.joomla.org/security-centre/859-20210704-core-privilege-escalation-through-com-installer.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Joomla

Published: 2021-07-06T00:00:00

Updated: 2022-12-22T11:56:04.075Z

Reserved: 2021-01-25T00:00:00

Link: CVE-2021-26038

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-07-07T11:15:08.700

Modified: 2021-07-09T14:20:24.043

Link: CVE-2021-26038

JSON object: View

Redhat Information

No data.

CWE

CWE-754

{"containers": {"cna": {"affected": [{"product": "Joomla! CMS", "vendor": "Joomla! Project", "versions": [{"status": "affected", "version": "2.5.0-3.9.27"}]}], "datePublic": "2021-07-06T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already."}], "problemTypes": [{"descriptions": [{"description": "CSRF", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "shortName": "Joomla", "dateUpdated": "2022-12-22T11:56:04.075Z"}, "references": [{"tags": ["x_refsource_MISC", "vendor-advisory"], "url": "https://developer.joomla.org/security-centre/859-20210704-core-privilege-escalation-through-com-installer.html"}], "title": "[20210704] - Core - Privilege escalation through com_installer", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@joomla.org", "DATE_PUBLIC": "2021-07-06T16:00:00", "ID": "CVE-2021-26038", "STATE": "PUBLIC", "TITLE": "[20210704] - Core - Privilege escalation through com_installer"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Joomla! CMS", "version": {"version_data": [{"version_value": "2.5.0-3.9.27"}]}}]}, "vendor_name": "Joomla! Project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CSRF"}]}]}, "references": {"reference_data": [{"name": "https://developer.joomla.org/security-centre/859-20210704-core-privilege-escalation-through-com-installer.html", "refsource": "MISC", "url": "https://developer.joomla.org/security-centre/859-20210704-core-privilege-escalation-through-com-installer.html"}]}}}}, "cveMetadata": {"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "assignerShortName": "Joomla", "cveId": "CVE-2021-26038", "datePublished": "2021-07-06T00:00:00", "dateReserved": "2021-01-25T00:00:00", "dateUpdated": "2022-12-22T11:56:04.075Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "matchCriteriaId": "31BEB895-09CF-45A6-B565-C573D3928728", "versionEndIncluding": "3.9.27", "versionStartIncluding": "2.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already."}, {"lang": "es", "value": "Se ha detectado un problema en Joomla! versiones 2.5.0 hasta 3.9.27. La acci\u00f3n de instalaci\u00f3n en com_installer carece de las comprobaciones ACL embebidas requeridas para los superusuarios. Un sistema por defecto no est\u00e1 afectado porque la ACL por defecto para com_installer ya est\u00e1 limitada a los superusuarios"}], "id": "CVE-2021-26038", "lastModified": "2021-07-09T14:20:24.043", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-07T11:15:08.700", "references": [{"source": "security@joomla.org", "tags": ["Vendor Advisory"], "url": "https://developer.joomla.org/security-centre/859-20210704-core-privilege-escalation-through-com-installer.html"}], "sourceIdentifier": "security@joomla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}