CVE-2014-7984

Published: Oct 8, 2014Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication.

Affected (34)

Products: Joomla: Joomla!

Joomla

1 product

Joomla!

Configuration A

34 vulnerable

Vulnerable Software	Affected Versions
Joomla Joomla!	Version 2.5.0
Joomla Joomla!	Version 2.5.10
Joomla Joomla!	Version 2.5.11
Joomla Joomla!	Version 2.5.12
Joomla Joomla!	Version 2.5.13
Joomla Joomla!	Version 2.5.14
Joomla Joomla!	Version 2.5.15
Joomla Joomla!	Version 2.5.16
Joomla Joomla!	Version 2.5.17
Joomla Joomla!	Version 2.5.18
Joomla Joomla!	Version 2.5.1
Joomla Joomla!	Version 2.5.2
Joomla Joomla!	Version 2.5.3
Joomla Joomla!	Version 2.5.4
Joomla Joomla!	Version 2.5.5
Joomla Joomla!	Version 2.5.6
Joomla Joomla!	Version 2.5.7
Joomla Joomla!	Version 2.5.8
Joomla Joomla!	Version 2.5.9
Joomla Joomla!	Version 3.0.0
Joomla Joomla!	Version 3.0.1
Joomla Joomla!	Version 3.0.2
Joomla Joomla!	Version 3.0.3
Joomla Joomla!	Version 3.0.4
Joomla Joomla!	Version 3.1.0
Joomla Joomla!	Version 3.1.1
Joomla Joomla!	Version 3.1.2
Joomla Joomla!	Version 3.1.3
Joomla Joomla!	Version 3.1.4
Joomla Joomla!	Version 3.1.5
Joomla Joomla!	Version 3.1.6
Joomla Joomla!	Version 3.2.0
Joomla Joomla!	Version 3.2.1
Joomla Joomla!	Version 3.2.2

Related CWEs

CWE-264

References (2)

http://developer.joomla.org/security/581-20140304-core-unauthorised-logins.html

Source: cve@mitre.org

http://developer.joomla.org/security/581-20140304-core-unauthorised-logins.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.