Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-M2JH-FXW4-GPHM
HistoryOct 05, 2021 - 8:23 p.m.

HTTP Host Header Injection

2021-10-0520:23:35
CWE-20
CWE-644
GitHub Advisory Database
github.com
33

0.001 Low

EPSS

Percentile

32.3%

JSON

Meta

  • CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C (3.5)

Problem

It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any value, even in a name-based virtual hosts environment.

This vulnerability is the same as described in TYPO3-CORE-SA-2014-001 (CVE-2014-3941). A regression, introduced during TYPO3 v11 development, led to this situation. The already existing setting $GLOBALS[‘TYPO3_CONF_VARS’][‘SYS’][‘trustedHostsPattern’] (used as an effective mitigation strategy in previous TYPO3 versions) was not evaluated anymore, and reintroduced the vulnerability.

Solution

Update your instance to TYPO3 version 11.5.0 which addresses the problem described.

Credits

Thanks to TYPO3 framework merger Benjamin Franzke who reported and fixed the issue.

References

CPENameOperatorVersion
typo3/cmslt11.5.0
typo3/cms-corelt11.5.0

Related

osv 5
typo3 2
prion 2
cvelist 2
cve 2
ubuntucve 2
cnvd 1
friendsofphp 3
openvas 5
github 1
nessus 3
suse 1
securityvulns 1
osv
osv
CVE-2021-41114
2021-10-05 18:15:08
HTTP Host Header Injection
2021-10-05 20:23:35
BIT-typo3-2021-41114
2024-03-06 11:10:15
typo3
typo3
HTTP Host Header Injection in Request Handling
2021-10-05 00:00:00
Multiple Vulnerabilities in TYPO3 CMS
2014-05-22 00:00:00
prion
prion
Input validation
2021-10-05 18:15:00
Spoofing
2014-06-03 14:55:00
cvelist
cvelist
CVE-2021-41114 HTTP Host Header Injection in Request Handling in Typo3
2021-10-05 17:15:11
CVE-2014-3941
2014-06-03 14:00:00
cve
cve
CVE-2021-41114
2021-10-05 18:15:00
CVE-2014-3941
2014-06-03 14:55:00
ubuntucve
ubuntucve
CVE-2021-41114
2021-10-05 00:00:00
CVE-2014-3941
2014-06-03 00:00:00
cnvd
cnvd
TYPO3 HTTP header injection vulnerability
2021-12-01 00:00:00
friendsofphp
friendsofphp
TYPO3-CORE-SA-2021-015: HTTP Host Header Injection in Request Handling
2021-10-05 11:02:47
TYPO3-CORE-SA-2021-015: HTTP Host Header Injection in Request Handling
2021-10-05 11:02:47
Possible Host Spoofing through SERVER_NAME
2014-05-22 09:34:08
openvas
openvas
TYPO3 HTTP Host Header Injection Vulnerability (TYPO3-CORE-SA-2021-015)
2021-10-07 00:00:00
TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2014-001)
2014-07-03 00:00:00
openSUSE: Security Advisory for Typo3 (openSUSE-SU-2016:2025-1)
2016-08-11 00:00:00
github
github
Typo3 Host Header Spoofing Vulnerability
2022-05-14 04:01:58
nessus
nessus
openSUSE Security Update : typo3-cms-4_7 (openSUSE-2016-1002)
2016-08-22 00:00:00
openSUSE Security Update : typo3-cms-4_5 (openSUSE-SU-2014:0813-1)
2014-06-19 00:00:00
openSUSE Security Update : typo3 (openSUSE-2016-959)
2016-08-12 00:00:00
suse
suse
Important security fixes for Typo3 (important)
2016-08-10 22:09:17
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-06-14 00:00:00

0.001 Low

EPSS

Percentile

32.3%

JSON
Related for GHSA-M2JH-FXW4-GPHM
osv5typo32prion2cvelist2cve2ubuntucve2cnvd1friendsofphp3openvas5github1nessus3suse1securityvulns1