Lucene search
Copyright (C) 2022 Greenbone AGOPENVAS:1361412562310126253HistoryDec 14, 2022 - 12:00 a.m.
TYPO3 Weak Authentication Vulnerability (TYPO3-CORE-SA-2022-013)
2022-12-1400:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
5
typo3
authentication
vulnerability
weak
version 8
version 9
version 10
version 11
version 12
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.2%
TYPO3 is prone to a weak authentication vulnerability.
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
CPE = "cpe:/a:typo3:typo3";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.126253");
script_version("2023-10-19T05:05:21+0000");
script_tag(name:"last_modification", value:"2023-10-19 05:05:21 +0000 (Thu, 19 Oct 2023)");
script_tag(name:"creation_date", value:"2022-12-14 10:26:09 +0000 (Wed, 14 Dec 2022)");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-12-16 17:57:00 +0000 (Fri, 16 Dec 2022)");
script_cve_id("CVE-2022-23501");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("TYPO3 Weak Authentication Vulnerability (TYPO3-CORE-SA-2022-013)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Web application abuses");
script_dependencies("gb_typo3_http_detect.nasl");
script_mandatory_keys("typo3/detected");
script_tag(name:"summary", value:"TYPO3 is prone to a weak authentication vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Restricting frontend login to specific users, organized in
different storage folders (partitions), can be bypassed.");
script_tag(name:"affected", value:"TYPO3 version 8.0.0 through 8.7.48 ELTS, 9.0.0 through 9.5.37
ELTS, 10.0.0 through 10.4.32, 11.0.0 through 11.5.19 and 12.0.0 through 12.1.0.");
script_tag(name:"solution", value:"Update to version 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20,
12.1.1 or later.
Note: Since version 12.1.1 contains a known regression, vendor suggests to use 12.1.2 instead.");
script_xref(name:"URL", value:"https://typo3.org/article/typo3-1211-11520-and-10433-security-releases-published");
script_xref(name:"URL", value:"https://typo3.org/security/advisory/typo3-core-sa-2022-013");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (!port = get_app_port(cpe: CPE))
exit(0);
if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE, version_regex: "[0-9]+\.[0-9]+\.[0-9]+")) # nb: Version might not be exact enough
exit(0);
version = infos["version"];
location = infos["location"];
if (version_in_range_exclusive(version: version, test_version_lo: "8.0", test_version_up: "8.7.49")) {
report = report_fixed_ver(installed_version: version, fixed_version: "8.7.49", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "9.0", test_version_up: "9.5.38")) {
report = report_fixed_ver(installed_version: version, fixed_version: "9.5.38", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "10.0", test_version_up: "10.4.33")) {
report = report_fixed_ver(installed_version: version, fixed_version: "10.4.33", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "11.0", test_version_up: "11.5.20")) {
report = report_fixed_ver(installed_version: version, fixed_version: "11.5.20", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "12.0", test_version_up: "12.1.2")) {
report = report_fixed_ver(installed_version: version, fixed_version: "12.1.2", install_path: location);
security_message(port: port, data: report);
exit(0);
}
exit(99);
Related
cve
cve
CVE-2022-23501
2022-12-14 08:15:10
ubuntucve
ubuntucve
CVE-2022-23501
2022-12-14 00:00:00
osv
osv
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
2022-12-13 17:04:02
CVE-2022-23501
2022-12-14 08:15:10
BIT-typo3-2022-23501
2024-03-06 11:10:05
github
github
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
2022-12-13 17:04:02
friendsofphp
friendsofphp
TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login
2022-12-13 09:18:59
TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login
2022-12-13 09:18:59
nvd
nvd
CVE-2022-23501
2022-12-14 08:15:10
prion
prion
Authentication flaw
2022-12-14 08:15:00
nessus
nessus
cvelist
cvelist
CVE-2022-23501 TYPO3 vulnerable to Improper Authentication in Frontend Login
2022-12-14 07:23:46
veracode
veracode
Authentication Bypass
2022-12-15 05:01:04
freebsd
freebsd
typo3 -- multiple vulnerabilities
2022-12-13 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.2%
Related for OPENVAS:1361412562310126253