Wiz
Vulnerability DatabaseCVE-2011-3629

CVE-2011-3629
Joomla vulnerability analysis and mitigation

Overview

Joomla! core version 1.7.1 was found to contain an information disclosure vulnerability due to weak encryption implementation. The vulnerability was assigned CVE-2011-3629 and was initially reported on September 21, 2011 (CVE MITRE).

Technical details

The vulnerability stems from weak encryption mechanisms implemented in Joomla! core 1.7.1 that could potentially lead to information disclosure. This security issue was later clarified to be distinct from other similar vulnerabilities reported around the same time, specifically focusing on the weak encryption implementation rather than other information disclosure vectors (OSS Security).

Impact

The vulnerability could result in unauthorized information disclosure due to the weak encryption implementation in the affected Joomla! version (Joomla Security).

Community reactions

There was some initial confusion in the security community regarding the proper CVE assignment, as multiple information disclosure vulnerabilities were discovered in Joomla! around the same time. This led to discussions between security researchers and Red Hat's Security Response Team to properly categorize and assign distinct CVE identifiers to each unique vulnerability (OSS Security Discussion).

Additional resources

SourceThis report was generated using AI

Related Joomla vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-25227HIGH7.5
  • PHPPHP
  • cpe:2.3:a:joomla:joomla\!
NoYesApr 08, 2025
CVE-2025-63083MEDIUM5.9
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoJan 06, 2026
CVE-2025-63082MEDIUM5.9
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoJan 06, 2026
CVE-2025-54477MEDIUM5.3
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoSep 30, 2025
CVE-2025-54476MEDIUM4.8
  • PHPPHP
  • joomla/filter
NoYesSep 30, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo