Lucene search
GoogleOSV:CVE-2022-31050HistoryJun 14, 2022 - 9:15 p.m.
CVE-2022-31050
2022-06-1421:15:16
Google
osv.dev
5
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled completely. This way, sessions in the admin tool theoretically could have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.
| CPE | Name | Operator | Version |
|---|---|---|---|
| typo3 | eq | 8.6.0 | |
| typo3 | eq | 9.1.3 | |
| typo3 | eq | TYPO3_6-2-0 | |
| typo3 | eq | 12.0.10 | |
| typo3 | eq | 11.0.2 | |
| typo3 | eq | 11.0.0 | |
| typo3 | eq | TYPO3_6-2-0beta7 | |
| typo3 | eq | TYPO3_6-2-0beta6 | |
| typo3 | eq | TYPO3_6-2-0alpha3 | |
| typo3 | eq | TYPO3_6-2-3 |
Related
friendsofphp
friendsofphp
TYPO3-CORE-SA-2022-005: Insufficient Session Expiration in Admin Tool
2022-06-14 07:11:53
TYPO3-CORE-SA-2022-005: Insufficient Session Expiration in Admin Tool
2022-06-14 07:11:53
openvas
openvas
TYPO3 Session Expiration Vulnerability (TYPO3-CORE-SA-2022-005)
2022-06-15 00:00:00
nvd
nvd
CVE-2022-31050
2022-06-14 21:15:16
cve
cve
CVE-2022-31050
2022-06-14 21:15:16
osv
osv
BIT-typo3-2022-31050
2024-03-06 11:09:14
Insufficient Session Expiration in TYPO3's Admin Tool
2022-06-17 20:57:27
github
github
Insufficient Session Expiration in TYPO3's Admin Tool
2022-06-17 20:57:27
veracode
veracode
Session Fixation
2022-06-20 07:29:33
prion
prion
Design/Logic Flaw
2022-06-14 21:15:00
cvelist
cvelist
CVE-2022-31050 Insufficient Session Expiration in TYPO3 Admin Tool
2022-06-14 20:55:11