Lucene search

TYPO3 AssociationTYPO3-CORE-SA-2021-005

HistoryMar 16, 2021 - 12:00 a.m.

Denial of Service in Page Error Handling

2021-03-1600:00:00

TYPO3 Association

typo3.org

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded.

CPENameOperatorVersion
typo3 cmsge9.0.0
typo3 cmsle9.5.24
typo3 cmsge10.0.0
typo3 cmsle10.4.13
typo3 cmsge11.0.0
typo3 cmsle11.1.0

Name	Operator	Version
typo3 cms	ge	9.0.0
typo3 cms	le	9.5.24
typo3 cms	ge	10.0.0
typo3 cms	le	10.4.13
typo3 cms	ge	11.0.0
typo3 cms	le	11.1.0

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for TYPO3-CORE-SA-2021-005