CVE-2012-1611

Published: Sep 6, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.

Affected (4)

Products: Joomla: Joomla!

Joomla

1 product

Joomla!

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Joomla Joomla!	Version 2.5.0
Joomla Joomla!	Version 2.5.1
Joomla Joomla!	Version 2.5.2
Joomla Joomla!	Version 2.5.3

Related CWEs

CWE-264

References (8)

http://developer.joomla.org/security/news/398-20120307-core-information-disclosure.html

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/48683

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/04/03/3

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/04/03/5

Source: secalert@redhat.com

http://developer.joomla.org/security/news/398-20120307-core-information-disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/48683

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/04/03/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/04/03/5

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.