CVE-2016-9081

Published Jan 23, 2017

Last updated 8 years ago

CVSS critical 9.8

Overview

Description: Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98475DA0-9D72-4952-878B-4DD619132E66"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D6C4C68-E526-408F-A54D-86CB3E5D800F"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA0B678E-DB68-4F62-9E94-2A2D9053BCDF"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED5427CD-4C44-4B6A-A72E-BF27BECFD631"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FC7FF37-53BA-4DCB-B350-3D779977A853"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.8:rc:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44C6373A-1200-49D8-87B8-1D923752E04D"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76D4E968-72C3-40D1-A9E0-FC1C45513436"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "639BD6FA-F5A9-4D58-9FD0-F20610CFF48A"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "871D0251-2BF5-4167-9B40-2D8024154802"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E59A3191-47BB-438D-87BC-74CB19DC99BA"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B36EC1DA-762B-4686-BE6E-6604D02F9FE3"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB0FE2EA-51E5-43FE-8DEA-94EA8A016B6A"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5870A8F-914C-474F-BB4D-41F23061E1A4"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7945BC2A-0357-4E49-9314-C8C75B926585"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "622CF895-3402-449F-A769-535ABD102D4B"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04E27344-9C09-4202-8AFD-D2ADD8294D5F"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91B37E54-0DCD-4A8B-83A0-3B14B962EBEA"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.1:rc:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76E37DC8-1D4D-4E82-BB27-F6B5B947C8E7"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.1:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75ECDB42-7E47-4ABC-8547-10091E9AFC5B"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC7B9A2E-1D53-4F55-A021-4B28C1F95C0E"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DCF94C1-7F4C-4F0D-973D-1A44F3CA2583"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9F3AD2F-5503-4A6A-BF32-6B570F5C383E"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F86FF086-3D89-4350-92BC-8914ACD471A0"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:rc:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "352A89E4-8031-4AF7-8A57-A4BDF72FE56E"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC86535F-D1AE-4F4C-8B2D-6418D789CA08"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "003DBC50-8865-4704-BC79-1D945499BEF5"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F05F8CEE-67F3-4868-87A6-E9DBAE70AA8F"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72C3D2D6-BCC8-4381-B941-09FE693B8AD3"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A79B694-384E-4DDD-9AE5-DFFF1E695BA7"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F3C0F39-B5FD-409C-8AA1-720720704952"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53190951-2DCC-4B00-A921-8F77A044FD78"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77138C7E-04FE-4442-AEF9-BE8EB68F5ECC"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A0C7A46-1EF2-4DD4-991E-F120F994161C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References