CVE-2017-7989

{"id": "CVE-2017-7989", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-04-25T18:59:00.463", "references": [{"url": "http://www.securityfocus.com/bid/98029", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://developer.joomla.org/security-centre/689-20170407-core-acl-violations", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden."}, {"lang": "es", "value": "Una inadecuada comprobaci\u00f3n de tipos MIME en Joomla! 3.2.0 hasta 3.6.5 permite a usuarios con pocos privilegios cargar archivos swf aunque est\u00e9n expl\u00edcitamente prohibidos."}], "lastModified": "2017-05-02T18:06:55.070", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83513309-01CD-411C-82EF-62C1F7F4764F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27BABCB8-916D-452E-8848-B51B3374CE8B"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD14669F-9C13-46BA-A45B-EC0B4081D105"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "370F58E9-AD21-446F-BC29-10F2A448F18E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56C7EA5D-CEB8-45C6-A50F-577B02BBD25F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A3ED8A4-60AF-4347-8A4E-41BAF7ED09B1"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4B4D693-A540-4FB3-B7F9-9746F01B44CA"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9623DC6-3822-4493-A0CC-C87134799D67"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B71C854-FDCA-40C9-BB18-D7947BE81F04"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC3861B6-CBD7-438E-A067-AEAEBB6C09B7"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92F78591-585E-4571-813C-528256709932"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA20940F-8056-4F18-8D8A-4CE1EE22327E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "228B8684-EC16-4DB7-B8EE-7C2C009FA946"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DA0D93-26C1-4D24-993C-F07B102EAD55"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB372030-D07A-42DD-AF36-CD47EA2D8F2F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:beta3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E2143F-76E8-4BAF-8EAD-68E86EC73060"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CAEC506-1375-4BC7-BEB4-85F90491BDA7"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA6D81D1-16F7-448B-BA23-C24AAAE1A096"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43B63EB2-031C-47A0-875E-6D3FF5B32D2A"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3931745-E865-419E-A252-5306A63878D0"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "176F330D-DAC5-4D3E-823D-E59E6469D089"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.2:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C1C8F45-53F2-468E-97D5-E7D1FE9F789E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E76ADE1-A88F-468B-8D9C-72B90AF2A75A"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98475DA0-9D72-4952-878B-4DD619132E66"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D6C4C68-E526-408F-A54D-86CB3E5D800F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA0B678E-DB68-4F62-9E94-2A2D9053BCDF"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5427CD-4C44-4B6A-A72E-BF27BECFD631"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC7FF37-53BA-4DCB-B350-3D779977A853"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.4.8:rc:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44C6373A-1200-49D8-87B8-1D923752E04D"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76D4E968-72C3-40D1-A9E0-FC1C45513436"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "639BD6FA-F5A9-4D58-9FD0-F20610CFF48A"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871D0251-2BF5-4167-9B40-2D8024154802"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E59A3191-47BB-438D-87BC-74CB19DC99BA"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B36EC1DA-762B-4686-BE6E-6604D02F9FE3"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:beta5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB0FE2EA-51E5-43FE-8DEA-94EA8A016B6A"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5870A8F-914C-474F-BB4D-41F23061E1A4"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7945BC2A-0357-4E49-9314-C8C75B926585"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "622CF895-3402-449F-A769-535ABD102D4B"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04E27344-9C09-4202-8AFD-D2ADD8294D5F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91B37E54-0DCD-4A8B-83A0-3B14B962EBEA"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.5.1:rc:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76E37DC8-1D4D-4E82-BB27-F6B5B947C8E7"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC7B9A2E-1D53-4F55-A021-4B28C1F95C0E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DCF94C1-7F4C-4F0D-973D-1A44F3CA2583"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9F3AD2F-5503-4A6A-BF32-6B570F5C383E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F86FF086-3D89-4350-92BC-8914ACD471A0"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:rc:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "352A89E4-8031-4AF7-8A57-A4BDF72FE56E"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC86535F-D1AE-4F4C-8B2D-6418D789CA08"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "003DBC50-8865-4704-BC79-1D945499BEF5"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F05F8CEE-67F3-4868-87A6-E9DBAE70AA8F"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72C3D2D6-BCC8-4381-B941-09FE693B8AD3"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A79B694-384E-4DDD-9AE5-DFFF1E695BA7"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F3C0F39-B5FD-409C-8AA1-720720704952"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53190951-2DCC-4B00-A921-8F77A044FD78"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77138C7E-04FE-4442-AEF9-BE8EB68F5ECC"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.3:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A0C7A46-1EF2-4DD4-991E-F120F994161C"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E250E60-0F12-48F4-8959-CC2641A3E8D8"}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:3.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0598E85E-BD26-4E5F-86AC-AE1C2BC786F4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}