CVE-2024-40749Improper Access Control in Joomla !

CWE-284Improper Access Control3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.0%
top 99.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Joomla !Joomla! Project Joomla! CMS
Timeline
PublishedJan 7

Description

Improper Access Controls allows access to protected views.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDjoomla/joomla_!3.9.03.10.20+2
CVEListV5joomla!_project/joomla!_cms3.9.0-3.10.19, 4.0.0-4.4.9, 5.0.0-5.2.2+2

🔴Vulnerability Details

2
CVEList
[20250103] - Core - Read ACL violation in multiple core views2025-01-07
GHSA
GHSA-h6vm-3gjm-rw54: Improper Access Controls allows access to protected views2025-01-07
CVE-2024-40749 — Improper Access Control in Joomla ! | cvebase