Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.1418
Security Announcements in Joomla! core
23 April 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Joomla! Core
Publisher: Joomla!
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Unauthorised Access -- Remote/Unauthenticated
Reduced Security -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-11891 CVE-2020-11890 CVE-2020-11889
Original Bulletin:
https://developer.joomla.org/security-centre/809-20200401-core-incorrect-access
-control-in-com-users-access-level-editing-function.html
https://developer.joomla.org/security-centre/810-20200402-core-missing-checks-for
-the-root-usergroup-in-usergroup-table.html
https://developer.joomla.org/security-centre/811-20200403-core-incorrect-access
-control-in-com-users-access-level-deletion-function.html
Comment: This bulletin contains three (3) Joomla! security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
[20200401] - Core - Incorrect access control in com_users access level editing
function
o Project: Joomla!
o SubProject: CMS
o Impact: Low
o Severity: Low
o Versions: 3.8.8 - 3.9.16
o Exploit type: Incorrect Access Control
o Reported Date: 2020-March-13
o Fixed Date: 2020-April-21
o CVE Number: CVE-2020-11891
Description
Incorrect ACL checks in the access level section of com_users allow the
unauthorized editing of usergroups.
Affected Installs
Joomla! CMS versions 3.8.8 - 3.9.16
Solution
Upgrade to version 3.9.17
Contact
The JSST at the Joomla! Security Centre.
Reported By: Hoang Kien from VSEC
- --------------------------------------------------------------------------------
[20200402] - Core - Missing checks for the root usergroup in usergroup table
o Project: Joomla!
o SubProject: CMS
o Impact: Moderate
o Severity: Low
o Versions: 2.5.0 - 3.9.16
o Exploit type: Incorrect Access Control
o Reported Date: 2020-February-27
o Fixed Date: 2020-April-21
o CVE Number: CVE-2020-11890
Description
Inproper input validations in the usergroup table class could lead to a broken
ACL configuration.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.16
Solution
Upgrade to version 3.9.17
Contact
The JSST at the Joomla! Security Centre.
Reported By: Hoang Kien from VSEC
- --------------------------------------------------------------------------------
[20200403] - Core - Incorrect access control in com_users access level deletion
function
o Project: Joomla!
o SubProject: CMS
o Impact: Moderate
o Severity: Low
o Versions: 2.5.0 - 3.9.16
o Exploit type: Incorrect Access Control
o Reported Date: 2020-March-13
o Fixed Date: 2020-April-21
o CVE Number: CVE-2020-11889
Description
Incorrect ACL checks in the access level section of com_users allow the
unauthorized deletion of usergroups.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.16
Solution
Upgrade to version 3.9.17
Contact
The JSST at the Joomla! Security Centre.
Reported By: Hoang Kien from VSEC
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXqE5RWaOgq3Tt24GAQiJTQ//XhsyGkvbeyJ0rNday3beG0NM2XtkOs/r
EeLtQxeu6ARsHW32gp0jIGmlUaoEmXyBTMHLBaWRV211X8S66RSN/Qf3WTc2h3b4
mgRifQ2AhFYgVlO4NEb4zRj7zrQEzHF8lVuVieXTZqBJqZb54xW56RJ0AvVnYtDz
doXdtdTAxxuFldjug7+rI00gRhu7yMtcFTRRB5xuQkZIslG26Q7NTFn0MAmsQ/7X
WJZutyE7IxFPlQF2WoIvzZHRdZ+CcowsZaHCpOChVTqLbOFE8iiTQB9k9NJurPGm
/Ez1QNgwSAgQFdJVoe8lSpg/5PjC32OfM86gmWvw7Fu/gGl6hQPWMb8l+a6McBB0
PxepfRjAYcQqBgCPQN1d2mL5xOp7N4Q1GFnhHVnY5ELYaTezzi9+Gssz1765BHuI
YYhcw1n6YULjzZQ5S3nAewvmjm8U0yMGwsBSXtXAcU3tdmAwJ8bsupmq6E5ibx7Z
/hMf8pI6QAP/tJw5y6k7ERoOJZJpNOsGJ2Px7iFhMIWnzNtUpjtFgwb8jLRM7yxL
yC6mVFVkzI4GQq1cJGlG8npcIH9M2h6GscN3wdScDO9LOhwN6Z6e5BI/xnqqFulB
lpxaoCpk95qfgyqn9lS+CWmhXdjdIS5Y0hvCiUrOv0CWrLboImQCOAXMjIwNQU3a
MpRHgpnEwsc=
=n45+
-----END PGP SIGNATURE-----