Lucene search

GitHub Advisory DatabaseGHSA-3P4X-GRPM-XW58

HistoryJun 06, 2024 - 12:30 p.m.

Password hash exposed in CraftCMS two factor authentication plugin

2024-06-0612:30:36

CWE-200

CWE-522

GitHub Advisory Database

github.com

craftcms

two-factor authentication

plugin

password hash

totp

disclosure

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

4.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.4%

JSON

The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP.

Affected configurations

Vulners

Node

born05two-factor_authenticationRange<3.3.4craftcms

CPENameOperatorVersion
born05/craft-twofactorauthenticationlt3.3.4

CPE	Name	Operator	Version
	born05/craft-twofactorauthentication	lt	3.3.4

References

www.openwall.com/lists/oss-security/2024/06/06/1

github.com/advisories/GHSA-3p4x-grpm-xw58

github.com/born05/craft-twofactorauthentication/commit/eb93bcb73037171dae8ca5cfa4c20e7e5748b73a

github.com/born05/craft-twofactorauthentication/releases/tag/3.3.4

github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure

nvd.nist.gov/vuln/detail/CVE-2024-5657

plugins.craftcms.com/two-factor-authentication?craft4

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

4.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.4%

JSON

Related for GHSA-3P4X-GRPM-XW58