CVE-2023-23752: 
Joomla vulnerability analysis and mitigation

An authentication bypass vulnerability (CVE-2023-23752) was discovered in Joomla! versions 4.0.0 through 4.2.7. The vulnerability, reported by Zewei Zhang from NSFOCUS TIANJI Lab on February 13, 2023, allows unauthorized access to webservice endpoints due to improper access checks. The issue was fixed with the release of version 4.2.8 on February 16, 2023 (Joomla Advisory).

The vulnerability is characterized by an improper access check mechanism that allows unauthenticated users to access webservice endpoints. It received a CVSS v3.1 base score of 5.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, indicating network accessibility, low attack complexity, and no required privileges or user interaction (NVD).

The vulnerability allows attackers to access sensitive information about Joomla installations, including system configuration details and MySQL database credentials in plaintext. This access could potentially lead to unauthorized database access and further system compromise (SentinelOne).

The primary mitigation is to upgrade to Joomla! version 4.2.8 or later. CISA has set a due date of January 29, 2024, for federal agencies to apply the vendor-provided mitigations (CISA Alert).