Lucene search
HistoryJul 14, 2015 - 4:59 p.m.
CVE-2015-5397
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.002
Percentile
59.2%
Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors.
Affected configurations
Node
joomlajoomla\!Match3.2.0
ORjoomlajoomla\!Match3.2.1
ORjoomlajoomla\!Match3.2.2
ORjoomlajoomla\!Match3.2.3
ORjoomlajoomla\!Match3.2.4
ORjoomlajoomla\!Match3.2.5
ORjoomlajoomla\!Match3.3.0
ORjoomlajoomla\!Match3.3.1
ORjoomlajoomla\!Match3.3.2
ORjoomlajoomla\!Match3.3.3
ORjoomlajoomla\!Match3.3.4
ORjoomlajoomla\!Match3.3.5
ORjoomlajoomla\!Match3.4.0
ORjoomlajoomla\!Match3.4.0alpha
ORjoomlajoomla\!Match3.4.0beta1
ORjoomlajoomla\!Match3.4.0beta2
ORjoomlajoomla\!Match3.4.0beta3
ORjoomlajoomla\!Match3.4.0rc1
ORjoomlajoomla\!Match3.4.1
ORjoomlajoomla\!Match3.4.1rc1
ORjoomlajoomla\!Match3.4.1rc2
ORjoomlajoomla\!Match3.4.2rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla\! | 3.2.0 | cpe:2.3:a:joomla:joomla\!:3.2.0:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.2.1 | cpe:2.3:a:joomla:joomla\!:3.2.1:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.2.2 | cpe:2.3:a:joomla:joomla\!:3.2.2:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.2.3 | cpe:2.3:a:joomla:joomla\!:3.2.3:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.2.4 | cpe:2.3:a:joomla:joomla\!:3.2.4:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.2.5 | cpe:2.3:a:joomla:joomla\!:3.2.5:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.3.0 | cpe:2.3:a:joomla:joomla\!:3.3.0:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.3.1 | cpe:2.3:a:joomla:joomla\!:3.3.1:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.3.2 | cpe:2.3:a:joomla:joomla\!:3.3.2:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.3.3 | cpe:2.3:a:joomla:joomla\!:3.3.3:*:*:*:*:*:*:* |
Related
nessus
nessus
FreeBSD : Joomla! -- Core - CSRF Protection vulnerabilities (ec2d1cfd-7ac5-11e5-b35a-002590263bf5)
2015-10-26 00:00:00
Joomla! 3.x < 3.4.2 Multiple Vulnerabilities
2015-07-09 00:00:00
freebsd
freebsd
Joomla! -- Core - CSRF Protection vulnerabilities
2015-06-30 00:00:00
cve
cve
CVE-2015-5397
2015-07-14 16:59:04
prion
prion
Cross site request forgery (csrf)
2015-07-14 16:59:00
cvelist
cvelist
CVE-2015-5397
2015-07-14 16:00:00
joomla
joomla
[20150602] - Core - CSRF Protection
2015-04-06 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.002
Percentile
59.2%
Related for NVD:CVE-2015-5397