7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.9%
> ### Meta
> * CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C
(5.5)
Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded.
This vulnerability is the same as described in TYPO3-CORE-SA-2021-005 (CVE-2021-21359). A regression, introduced during TYPO3 v11 development, led to this situation.
Update to TYPO3 version 11.5.16 that fixes the problem described above.
Thanks to Rik Willems who reported this issue and to TYPO3 core & security team member Oliver Hader who fixed the issue.
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36104.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36104.yaml
github.com/TYPO3/typo3
github.com/TYPO3/typo3/commit/179dd7cd78947081d573fee2050e197faa556f13
github.com/TYPO3/typo3/commit/fc51ccbf2bb8a8c959aa74cbceca124971e6e7fd
github.com/TYPO3/typo3/security/advisories/GHSA-fffr-7x4x-f98q
nvd.nist.gov/vuln/detail/CVE-2022-36104
typo3.org/security/advisory/typo3-core-sa-2022-006
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.9%