CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jan 29, 2024

CVE-2023-23752

High

CVSS 5.3EPSS 94.5%CISA KEV

Joomla!/Joomla!

Description

Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints.

CVSS Score

5.3/ 10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS — Exploit Probability

94.5%

Higher than 100.0% of all CVEs

Required Action

https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html; https://nvd.nist.gov/vuln/detail/CVE-2023-23752

Risk Assessment

HIGH

In CISA KEV

High EPSS

Details

Severity: High
CVSS: 5.3
EPSS: 94.5%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Jan 8, 2024

Added to KEV

Jan 8, 2024

Remediation Due

Jan 29, 2024

Affected Product

Joomla!

View all Joomla! CVEs

External Links

NVD (NIST)CVE Details MITRE CVE