CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS
Percentile: 25.1%
> ### Meta
> * CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C (4.0)
The export functionality fails to limit the result set to allowed columns of a particular database table. This allows authenticated users to export internal details of database tables to which they already have access.
Update to TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.35 ELTS, 10.4.29, 11.5.11 that fix the problem described above.
In order to address this issue, access to the export functionality mentioned above is completely denied for regular backend users.
ℹ️ Strong security defaults - Manual actions required
The following User TSconfig setting re-enables the export functionality for particular users:
options.impexp.enableExportForNonAdminUser = 1
Thanks to TYPO3 core merger Lina Wolf who reported this issue and to TYPO3 security member Torben Hansen who fixed the issue.
github.com/advisories/GHSA-8gmv-9hwg-w89g
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-31046.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31046.yaml
github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9
github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g
nvd.nist.gov/vuln/detail/CVE-2022-31046
typo3.org/security/advisory/typo3-core-sa-2022-001