Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-H47M-3F78-QP9G
HistoryFeb 13, 2024 - 5:23 p.m.

TYPO3 Install Tool vulnerable to Information Disclosure of Encryption Key

2024-02-1317:23:31
CWE-200
GitHub Advisory Database
github.com
9
typo3
install tool
vulnerability
encryption key
information disclosure
http request
administrator account
system maintainer
update
elts
lts
security team
benjamin franzke
typo3-core-sa-2024-004

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0

Percentile

9.0%

JSON

Problem

The plaintext value of $GLOBALS['SYS']['encryptionKey'] was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions.

Solution

Update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described.

Credits

Thanks to TYPO3 core & security team member Benjamin Franzke who fixed the issue.

References

Affected configurations

Vulners
Node
typo3cms-coreMatch13.0.0
OR
typo3cms-coreRange12.0.012.4.10
OR
typo3cms-coreRange11.0.011.5.34
OR
typo3cms-coreRange10.0.010.4.42
OR
typo3cms-coreRange9.0.09.5.45
OR
typo3cms-coreRange8.0.08.7.56
VendorProductVersionCPE
typo3cms-core13.0.0cpe:2.3:a:typo3:cms-core:13.0.0:*:*:*:*:*:*:*
typo3cms-core*cpe:2.3:a:typo3:cms-core:*:*:*:*:*:*:*:*

Related

vulnrichment 1
cvelist 1
cve 1
nvd 1
prion 1
nessus 2
veracode 1
osv 1
freebsd 1
vulnrichment
vulnrichment
CVE-2024-25119 Information Disclosure of Encryption Key in TYPO3 Install Tool
2024-02-13 22:16:37
cvelist
cvelist
CVE-2024-25119 Information Disclosure of Encryption Key in TYPO3 Install Tool
2024-02-13 22:16:37
cve
cve
CVE-2024-25119
2024-02-13 23:15:08
nvd
nvd
CVE-2024-25119
2024-02-13 23:15:08
prion
prion
Design/Logic Flaw
2024-02-13 23:15:00
nessus
nessus
TYPO3 8.0.0 < 8.7.57 ELTS / 9.0.0 < 9.5.46 ELTS / 10.0.0 < 10.4.43 ELTS / 11.0.0 < 11.5.35 / 12.0.0 < 12.4.11 / 13.0.1 (TYPO3-CORE-SA-2024-004)
2024-02-13 00:00:00
FreeBSD : typo3-{11,12} -- multiple vulnerabilities (1ad3d264-e36b-11ee-9c27-40b034429ecf)
2024-03-17 00:00:00
veracode
veracode
Information Disclosure
2024-02-14 06:56:57
osv
osv
TYPO3 Install Tool vulnerable to Information Disclosure of Encryption Key
2024-02-13 17:23:31
freebsd
freebsd
typo3-{11,12} -- multiple vulnerabilities
2024-02-13 00:00:00

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0

Percentile

9.0%

JSON
Related for GHSA-H47M-3F78-QP9G
vulnrichment1cvelist1cve1nvd1prion1nessus2veracode1osv1freebsd1