GitHub Advisory Database: GHSA-JFP7-79G7-89RF
Published: Dec 13, 2022 - 5:04 p.m.

TYPO3 CMS vulnerable to Weak Authentication in Frontend Login

2022-12-13 17:04:02
CWE-287
CWE-302
Source: GitHub Advisory Database (github.com)

6.5 Medium (CVSS3)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.001 Low (Percentile 28.1%)

Problem

Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. Usernames are not unique across those folders, and an attacker might use this ambiguity to gain access to a different account; however, credentials must be known to the adversary.
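To make the bug class the advisory names (CWE-287 and CWE-302) concrete, the following is an added, constructed Python model written for this page; it is not TYPO3's own code, schema or authentication path. It assumes a user table where records carry a storage-folder id (`pid`) and where two records may share a username across folders. The vulnerable login resolves the account inside the allowed folders but verifies the password against any record with that username, so a password valid for the same-named account in another folder unlocks the wrong account; the fixed login verifies the password against exactly the record it resolved and refuses ambiguous matches.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


# Constructed model of a frontend user record (assumption, not TYPO3's schema).
@dataclass(frozen=True)
class FrontendUser:
    uid: int
    pid: int          # storage folder ("partition") the record lives in
    username: str
    salt: bytes
    pw_hash: bytes


def make_hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash; the exact KDF is not the point of the example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def new_user(uid: int, pid: int, username: str, password: str) -> FrontendUser:
    salt = secrets.token_bytes(16)
    return FrontendUser(uid, pid, username, salt, make_hash(password, salt))


# Constructed sample data: two users named "alice" in two different folders.
USERS = [
    new_user(1, pid=10, username="alice", password="correct-horse"),   # folder 10
    new_user(2, pid=20, username="alice", password="battery-staple"),  # folder 20
]


def password_ok(user: FrontendUser, password: str) -> bool:
    return hmac.compare_digest(make_hash(password, user.salt), user.pw_hash)


def login_vulnerable(username: str, password: str, allowed_pids: set[int]):
    """Identity resolution and credential check are decoupled (the defect)."""
    # Step 1: resolve the account inside the folders this login form allows.
    candidates = [u for u in USERS if u.username == username and u.pid in allowed_pids]
    if not candidates:
        return None
    account = candidates[0]
    # Step 2 (defect): accept the password if ANY same-named record matches it,
    # including records in folders the form does not allow.
    if any(password_ok(u, password) for u in USERS if u.username == username):
        return account.uid   # session for `account`, proven with another record's password
    return None


def login_fixed(username: str, password: str, allowed_pids: set[int]):
    """Resolve exactly one record within the allowed folders and check only it."""
    candidates = [u for u in USERS if u.username == username and u.pid in allowed_pids]
    if len(candidates) != 1:
        return None   # unknown, or ambiguous within the allowed folders: refuse
    account = candidates[0]
    if password_ok(account, password):
        return account.uid
    return None


if __name__ == "__main__":
    # Folder 10's login form; the password belongs to the folder-20 "alice".
    print("vulnerable:", login_vulnerable("alice", "battery-staple", {10}))  # 1 (wrong account)
    print("fixed:     ", login_fixed("alice", "battery-staple", {10}))       # None
```

The check a defender wants from this model is the one in `login_fixed`: the record whose password is verified must be the same record the session is issued for, and that record must already be scoped to the folders the login form permits. A user lookup that matches by username alone, anywhere in the table, is the pattern to look for when auditing similar code.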

Solution

Update to TYPO3 versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, or 12.1.1, which fix the problem described above.

References

Affected configurations (Vulners node)

typo3/typo3 < 12.1.1
OR typo3/typo3 < 11.5.20
OR typo3/typo3 < 10.4.33
OR typo3/typo3 < 9.5.38
OR typo3/typo3 < 8.7.49
