Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-31047
HistoryJun 14, 2022 - 9:15 p.m.

CVE-2022-31047

2022-06-1421:15:16
CWE-209
CWE-532
[email protected]
web.nvd.nist.gov
2

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

41.0%

JSON

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete exception stack trace. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 contain a fix for the problem.

Affected configurations

NVD
Node
typo3typo3Range7.0.07.6.57elts
OR
typo3typo3Range8.0.08.7.47elts
OR
typo3typo3Range9.0.09.5.35elts
OR
typo3typo3Range10.0.010.4.29
OR
typo3typo3Range11.0.011.5.11

Related

openvas 1
cve 1
friendsofphp 2
osv 3
cvelist 1
github 1
veracode 1
prion 1
openvas
openvas
TYPO3 Information Disclosure Vulnerability (TYPO3-CORE-SA-2022-002)
2022-06-15 00:00:00
cve
cve
CVE-2022-31047
2022-06-14 21:15:16
friendsofphp
friendsofphp
TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger
2022-06-14 07:11:27
TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger
2022-06-14 07:11:27
osv
osv
BIT-typo3-2022-31047
2024-03-06 11:09:36
Insertion of Sensitive Information into Log File in typo3/cms-core
2022-06-17 20:55:14
CVE-2022-31047
2022-06-14 21:15:16
cvelist
cvelist
CVE-2022-31047 Insertion of Sensitive Information into Log File in typo3/cms-core
2022-06-14 20:40:10
github
github
Insertion of Sensitive Information into Log File in typo3/cms-core
2022-06-17 20:55:14
veracode
veracode
Information Disclosure
2022-06-15 06:47:51
prion
prion
Code injection
2022-06-14 21:15:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

41.0%

JSON
Related for NVD:CVE-2022-31047
openvas1cve1friendsofphp2osv3cvelist1github1veracode1prion1