A critical SQL injection vulnerability has been discovered in versions 3.2.0 through 3.4.4 of Joomla!, an open-source content management system (CMS) that is used by about 2.8 million websites worldwide. This vulnerability exists in the core module of Joomla! and, combined with other security issues, can allow malicious hackers to gain full administrative control over Joomla! websites. CVE-2015-7297, CVE-2015-7857 and CVE-2015-7858 cover the vulnerability and its related variations.
Customers are advised to upgrade to Joomla! 3.4.5 as soon as possible. In the meantime, Verizon’s cloud-based Web Application Firewall (WAF) can protect your website against this vulnerability. Our WAF supports the latest version (2.2.9) of the OWASP ModSecurity Core Rule Set (CRS). Customers can use Rule ID 950007 of the SQL injection policy in the CRS to block the Blind SQL Injection attacks that allow this vulnerability to be exploited.
Keep in mind that SQL injection is a general attack technique that can be used against a wide range of vulnerabilities, both publicly known and not yet disclosed. Because a WAF blocks the injection patterns themselves rather than one specific flaw, it is a very effective way of stopping such attacks. Verizon’s WAF provides out-of-the-box rules to block many variations of SQL injection attacks. Our WAF also provides rules to protect against many publicly disclosed vulnerabilities in Joomla! and other applications, such as WordPress, osCommerce and SharePoint, among others.
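To make concrete what a blind SQL injection rule like the one referenced above is looking for, here is an added Python example; it is not part of the original post and is neither Verizon's WAF code nor the rule logic shipped in CRS 2.2.9. It applies a few constructed heuristic signatures (boolean tautologies and time-delay functions, the two classic blind-injection tells) to constructed web-server log lines. The IP addresses, the `com_example` component name, the parameter names and the regexes are all illustrative assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample lines in Apache common-log style (not real traffic).
# "com_example" and the parameter names are hypothetical, not Joomla!'s own.
SAMPLE_LOG = """\
203.0.113.10 - - [22/Oct/2015:10:01:02 +0000] "GET /index.php?option=com_example&id=42 HTTP/1.1" 200 5120
203.0.113.11 - - [22/Oct/2015:10:01:07 +0000] "GET /index.php?option=com_example&id=42%20AND%201%3D1 HTTP/1.1" 200 5120
203.0.113.11 - - [22/Oct/2015:10:01:09 +0000] "GET /index.php?option=com_example&id=42%20AND%20SLEEP%285%29 HTTP/1.1" 200 5120
203.0.113.12 - - [22/Oct/2015:10:01:15 +0000] "GET /index.php?option=com_example&search=holiday+deals+and+more HTTP/1.1" 200 3044
"""

# Pulls the client IP and the request target out of one log line.
REQUEST_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"'
)

# Heuristic signatures in the spirit of a blind-SQLi rule. These are
# constructed for illustration and are NOT the regexes shipped in CRS 2.2.9.
BLIND_SQLI_PATTERNS = [
    (re.compile(r"\b(?:and|or)\b\s+\d+\s*=\s*\d+\b"), "boolean tautology"),
    (re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\("), "time-based delay function"),
    (re.compile(r"\bwaitfor\s+delay\b"), "time-based delay (T-SQL)"),
]


def normalize(value):
    """Mimic the transformations a WAF applies before matching.

    parse_qsl has already URL-decoded the value once; decoding a second
    time catches double-encoded payloads, and lowercasing lets the
    patterns stay case-insensitive.
    """
    return unquote_plus(value).lower()


def inspect_query(target):
    """Return a list of (parameter, reason) findings for one request target."""
    findings = []
    query = urlsplit(target).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        norm = normalize(value)
        for pattern, reason in BLIND_SQLI_PATTERNS:
            if pattern.search(norm):
                findings.append((name, reason))
                break  # one finding is enough to flag the parameter
    return findings


def scan_log(text):
    """Scan log text and return a list of (ip, parameter, reason) alerts."""
    alerts = []
    for line in text.splitlines():
        match = REQUEST_LINE.match(line)
        if not match:
            continue  # skip lines that are not in the expected format
        for param, reason in inspect_query(match.group("target")):
            alerts.append((match.group("ip"), param, reason))
    return alerts


if __name__ == "__main__":
    for ip, param, reason in scan_log(SAMPLE_LOG):
        print(f"ALERT {ip}: parameter {param!r} matched {reason}")
```

Run as a script, it flags only the two requests from 203.0.113.11 and leaves the benign search for "holiday deals and more" alone, because the tautology pattern requires digits on both sides of the `=`. The decode-then-lowercase step matters: ModSecurity rules apply transformation functions such as `t:urlDecodeUni` and `t:lowercase` for the same reason, since matching on the raw, still-encoded request line would miss trivially encoded variants.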
David Andrews, Sec.C Lead Engineer, and Vikas Phonsa, Senior Product Manager – Security Solutions