CVE-2016-8870

{"id": "CVE-2016-8870", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2016-11-04T21:59:08.677", "references": [{"url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/joomla_registration_privesc", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/93876", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1037107", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1037108", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vulnerability-in-joomla.html", "source": "cve@mitre.org"}, {"url": "https://developer.joomla.org/security-centre/659-20161001-core-account-creation.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/joomla/joomla-cms/commit/bae1d43938c878480cfd73671e4945211538fdcf", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://medium.com/%40showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/40637/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/joomla_registration_privesc", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/93876", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037107", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037108", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vulnerability-in-joomla.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://developer.joomla.org/security-centre/659-20161001-core-account-creation.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/joomla/joomla-cms/commit/bae1d43938c878480cfd73671e4945211538fdcf", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://medium.com/%40showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/40637/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting."}, {"lang": "es", "value": "El m\u00e9todo de registro en la clase UsersModelRegistration en controllers/user.php en el componente Users en Joomla! en versiones anteriores a 3.6.4, cuando ha sido desactivado el registro, permite a atacantes remotos crear cuentas de usuario aprovechando el fallo para comprobar el ajuste de configuraci\u00f3n Allow User Registration."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59292C00-859C-4F23-B92F-D525DDA76582", "versionEndIncluding": "3.6.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}