PatchSiren cyber security CVE debrief
CVE-2023-54357 Artio CVE debrief
CVE-2023-54357 is a high-severity information disclosure vulnerability in the Joomla com_booking component version 2.4.9. This vulnerability allows unauthenticated attackers to enumerate user accounts by exploiting the getUserData function in the customer controller. Attackers can send GET requests to index.php with specific parameters to retrieve user names, usernames, and email addresses through brute force enumeration. The CVSS score for this vulnerability is 8.7, indicating a high severity level. Organizations using the affected component should prioritize patching to limit exposure.
- Vendor: Artio
- Product: Joomla! com_booking component
- CVSS: HIGH 8.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-19
- Original CVE updated: 2026-06-23
- Advisory published: 2026-06-19
- Advisory updated: 2026-06-23
Who should care
Administrators and security teams responsible for Joomla installations, particularly those running the com_booking component version 2.4.9, should be aware of this vulnerability. Given its high severity and the fact that it requires no authentication, affected installations need immediate attention.
Technical summary
The CVE-2023-54357 vulnerability is caused by an insecure implementation of the getUserData function in the customer controller of the Joomla com_booking component. This function allows unauthenticated access to user data, including names, usernames, and email addresses. The vulnerability can be exploited by sending crafted GET requests to index.php with option=com_booking, controller=customer, task=getUserData, and an id parameter. Successful exploitation could lead to user account enumeration and potential information disclosure.
Defensive priority
High priority due to CVSS score of 8.7 and potential for easy exploitation.
Recommended defensive actions
- Update the Joomla com_booking component to version 2.4.10 or later.
- Restrict access to the customer controller and getUserData function to authenticated users only.
- Implement rate limiting on requests to index.php to prevent brute force enumeration.
- Monitor Joomla installations for suspicious activity related to the com_booking component.
- Perform a thorough review of user accounts and email addresses for any signs of enumeration or unauthorized access.
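To support the monitoring and account-review actions above, the following added example (not code from the advisory or from Artio) scans web server access logs for the request pattern described in the technical summary and reports clients that requested many distinct id values. It assumes Combined Log Format; the function names, the threshold of 5 distinct ids, and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumed layout: Combined Log Format (client IP first, quoted request line).
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3} ')

# Query parameters named in the technical summary (values compared case-insensitively).
SIGNATURE = {"option": "com_booking", "controller": "customer", "task": "getuserdata"}

def get_user_data_id(method, target):
    """Return the id value if the request matches the advisory's pattern, else None."""
    if method.upper() != "GET":
        return None
    parts = urlsplit(target)
    # index.php is usually also served as the directory index, so accept "/" paths too.
    if not parts.path.lower().endswith(("index.php", "/")):
        return None
    # parse_qs URL-decodes; keep the last value of a repeated key, as PHP does.
    q = {k.lower(): v[-1] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    if any(q.get(k, "").lower() != v for k, v in SIGNATURE.items()):
        return None
    return q.get("id", "")

def find_enumeration(lines, min_distinct_ids=5):
    """Map client IP -> sorted distinct ids requested, for clients at/above the threshold."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        ip, method, target = m.groups()
        uid = get_user_data_id(method, target)
        if uid is not None:
            seen[ip].add(uid)
    return {ip: sorted(ids) for ip, ids in seen.items() if len(ids) >= min_distinct_ids}

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE = [
    f'203.0.113.7 - - [01/Jan/2025:10:00:{i:02d} +0000] "GET /index.php?option=com_booking'
    f'&controller=customer&task=getUserData&id={i} HTTP/1.1" 200 181 "-" "-"'
    for i in range(1, 9)
] + [
    '198.51.100.20 - - [01/Jan/2025:10:01:00 +0000] "GET /index.php?option=com_booking'
    '&view=calendar HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.20 - - [01/Jan/2025:10:01:05 +0000] "GET /index.php?option=com_booking'
    '&controller=customer&task=getUserData&id=42 HTTP/1.1" 200 181 "-" "-"',
]

if __name__ == "__main__":
    for ip, ids in find_enumeration(SAMPLE).items():
        print(f"{ip} requested getUserData for {len(ids)} distinct ids: {ids}")
```

The ids returned for a flagged client identify which accounts to include in the review of names, usernames and email addresses that may have been disclosed.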
Evidence notes
The primary evidence for this vulnerability comes from the CVE-2023-54357 record and the NVD detail page. The affected product is the Joomla com_booking component version 2.4.9. Evidence limits are based on information provided by the CVE and NVD sources. Defenders should verify the vulnerability status and affected versions from official Joomla and CVE/NVD sources.
This article is AI-assisted and based on the supplied source corpus.