CVE-2007-6644 - Permissions, Privileges, and Access Control vulnerability in Joomla 1.5rc4

Summary

Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.

Classification

CWE-264 - Permissions, Privileges, and Access Control

Risk level (CVSS 6.5)

Medium

6.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products