Vulnerability Details : CVE-2012-2747
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."
Exploit prediction scoring system (EPSS) score for CVE-2012-2747
Probability of exploitation activity in the next 30 days: 1.34%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-2747
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2012-2747
-
http://www.securityfocus.com/bid/54073
Joomla! Information Disclosure and Security Bypass VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2012/06/19/2
oss-security - Re: Joomla! Security News 2012-06-19Mailing List;Third Party Advisory
-
http://developer.joomla.org/security/news/470-20120601-core-privilege-escalation
[20120601] - Core - Privilege EscalationVendor Advisory
-
http://www.joomla.org/announcements/release-news/5427-joomla-255-released.html
Joomla 2.5.5 ReleasedVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/76415
Joomla! unspecified security bypass CVE-2012-2747 Vulnerability ReportThird Party Advisory;VDB Entry
Products affected by CVE-2012-2747
- cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.0:-:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:2.5.0:rc1:*:*:*:*:*:*