Lucene search

MitreCVE-2012-5890

HistoryNov 17, 2012 - 9:55 p.m.

CVE-2012-5890

2012-11-1721:55:01

CWE-200

mitre

web.nvd.nist.gov

typo3

front end

user registration

extension

remote attackers

credentials

security vulnerability

cve-2012-5890

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.2%

JSON

The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.

Affected configurations

Nvd

Node

stanislas_rollandsr_feuser_registerRange≤2.6.1

stanislas_rollandsr_feuser_registerMatch1.4.7

stanislas_rollandsr_feuser_registerMatch1.6.5

stanislas_rollandsr_feuser_registerMatch1.6.6

stanislas_rollandsr_feuser_registerMatch1.6.7

stanislas_rollandsr_feuser_registerMatch1.6.8

stanislas_rollandsr_feuser_registerMatch2.0.0

stanislas_rollandsr_feuser_registerMatch2.1.0

stanislas_rollandsr_feuser_registerMatch2.2.0

stanislas_rollandsr_feuser_registerMatch2.2.1

stanislas_rollandsr_feuser_registerMatch2.2.3

stanislas_rollandsr_feuser_registerMatch2.2.4

stanislas_rollandsr_feuser_registerMatch2.2.5

stanislas_rollandsr_feuser_registerMatch2.3.0

stanislas_rollandsr_feuser_registerMatch2.3.3

stanislas_rollandsr_feuser_registerMatch2.3.4

stanislas_rollandsr_feuser_registerMatch2.3.5

stanislas_rollandsr_feuser_registerMatch2.3.6

stanislas_rollandsr_feuser_registerMatch2.4

stanislas_rollandsr_feuser_registerMatch2.5

stanislas_rollandsr_feuser_registerMatch2.5.1

stanislas_rollandsr_feuser_registerMatch2.5.2

stanislas_rollandsr_feuser_registerMatch2.5.3

stanislas_rollandsr_feuser_registerMatch2.5.4

stanislas_rollandsr_feuser_registerMatch2.5.5

stanislas_rollandsr_feuser_registerMatch2.5.6

stanislas_rollandsr_feuser_registerMatch2.5.11

stanislas_rollandsr_feuser_registerMatch2.5.12

stanislas_rollandsr_feuser_registerMatch2.5.13

stanislas_rollandsr_feuser_registerMatch2.5.14

stanislas_rollandsr_feuser_registerMatch2.5.15

stanislas_rollandsr_feuser_registerMatch2.5.16

stanislas_rollandsr_feuser_registerMatch2.5.1718

stanislas_rollandsr_feuser_registerMatch2.5.19

typo3typo3Match-

VendorProductVersionCPE
stanislas_rollandsr_feuser_register*cpe:2.3:a:stanislas_rolland:sr_feuser_register:*:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.4.7cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4.7:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.6.5cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.5:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.6.6cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.6:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.6.7cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.7:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.6.8cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.8:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.0.0cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.0.0:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.1.0cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.1.0:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.2.0cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.0:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.2.1cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
stanislas_rolland	sr_feuser_register	*	cpe:2.3:a:stanislas_rolland:sr_feuser_register::::::::
stanislas_rolland	sr_feuser_register	1.4.7	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4.7:::::::*
stanislas_rolland	sr_feuser_register	1.6.5	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.5:::::::*
stanislas_rolland	sr_feuser_register	1.6.6	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.6:::::::*
stanislas_rolland	sr_feuser_register	1.6.7	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.7:::::::*
stanislas_rolland	sr_feuser_register	1.6.8	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6.8:::::::*
stanislas_rolland	sr_feuser_register	2.0.0	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.0.0:::::::*
stanislas_rolland	sr_feuser_register	2.1.0	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.1.0:::::::*
stanislas_rolland	sr_feuser_register	2.2.0	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.0:::::::*
stanislas_rolland	sr_feuser_register	2.2.1	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:::::::*

Rows per page:

1-10 of 351

References

forge.typo3.org/projects/extension-sr_feuser_register/repository/entry/trunk/ChangeLog

forge.typo3.org/projects/extension-sr_feuser_register/repository/revisions/58720

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002/

exchange.xforce.ibmcloud.com/vulnerabilities/80145

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.2%

JSON

Related for CVE-2012-5890