CVE-2014-6632

Joomla! <2.5.25-3.3.4 - Auth Bypass

Title source: llm

Description

Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.

References (3)

[Various Sources] http://developer.joomla.org/security/594-20140902-core-unauthorised-logins.html

[Third Party Advisory] http://secunia.com/advisories/61606

[Third Party Advisory] http://secunia.com/advisories/61638

Scores

EPSS 0.0007

EPSS Percentile 21.5%

Classification

CWE

CWE-287

Status draft

Affected Products (32)

joomla/joomla\!

... and 17 more

Timeline

Published Oct 08, 2014

Tracked Since Feb 18, 2026