{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2017-019.pdf"
    },
    "title": "Joomla! Super User Password Leak",
    "serial_number": "2017-019",
    "publish_date": "26-09-2017 13:29:00",
    "description": "A previously unknown LDAP injection vulnerability could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any affected Joomla! installation.",
    "url_title": "2017-019",
    "content_markdown": "---\ntitle: 'Joomla! Super User Password Leak'\nversion: '1.0'\nnumber: '2017-019'\nfontsize: '11pt'\n---\n\n_History:_\n\n* _26/09/2017 --- v1.0 -- Initial publication_\n\n# Summary\n\nJoomla! is one of the most popular content management systems. According to the researchers who reported this vulnerability, it powers about 3.3% of all websites\u2019 content [1].\n\nA previously unknown LDAP injection vulnerability could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any affected Joomla! installation. It is important to note that, in order to be vulnerable, Joomla! has to be configured to use LDAP for authentication. Joomla! has fixed the vulnerability in the latest version 3.8.\n\nThe bug has been assigned the identifier CVE-2017-14596 by Mitre.\n\n# Products Affected\n\n* Joomla! CMS versions 1.5.0 through 3.7.5\n\n# Recommendations\n\nThe bug has been fixed in version 3.8.0, so it is recommended to update [2].\n\nAs a workaround, since the vulnerability affects LDAP authentication, disabling LDAP authentication is recommended for those who, for any reason, cannot update the CMS version (or in the meantime until the update is applied).\n\n# References\n\n[1] <https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/>\n\n[2] <https://developer.joomla.org/security-centre/711-20170902-core-ldap-information-disclosure>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>26/09/2017 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>Joomla! is one of the most popular content management systems. According to the researchers who reported this vulnerability, it powers about 3.3% of all websites\u2019 content [1].</p><p>A previously unknown LDAP injection vulnerability could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any affected Joomla! installation. It is important to note that, in order to be vulnerable, Joomla! has to be configured to use LDAP for authentication. Joomla! has fixed the vulnerability in the latest version 3.8.</p><p>The bug has been assigned the identifier CVE-2017-14596 by Mitre.</p><h2 id=\"products-affected\">Products Affected</h2><ul><li>Joomla! CMS versions 1.5.0 through 3.7.5</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>The bug has been fixed in version 3.8.0, so it is recommended to update [2].</p><p>As a workaround, since the vulnerability affects LDAP authentication, disabling LDAP authentication is recommended for those who, for any reason, cannot update the CMS version (or in the meantime until the update is applied).</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/\">https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://developer.joomla.org/security-centre/711-20170902-core-ldap-information-disclosure\">https://developer.joomla.org/security-centre/711-20170902-core-ldap-information-disclosure</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}