Lucene search
Veracode Vulnerability DatabaseVERACODE:44271HistoryNov 15, 2023 - 7:01 a.m.
Information Disclosure
2023-11-1507:01:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
typo3
information
disclosure
vulnerability
transient data directory
sensitive information
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.6%
TYPO3 is vulnerable to Information Disclosure. The vulnerability is due to disclosing the full path of the transient data directory resulting in sensitive information disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| typo3/cms | le | v12.4.7 | |
| typo3/cms-install | le | v12.4.7 | |
| typo3/cms | le | v12.4.7 | |
| typo3/cms-install | le | v12.4.7 |
Related
cve
cve
CVE-2023-47126
2023-11-14 20:15:08
cvelist
cvelist
CVE-2023-47126 Information Disclosure in Install Tool in typo3/cms-install
2023-11-14 20:01:16
osv
osv
Information Disclosure in typo3/cms-install tool
2023-11-14 20:34:26
CVE-2023-47126
2023-11-14 20:15:08
BIT-typo3-2023-47126
2024-03-06 11:07:42
nessus
nessus
TYPO3 12.2.0 < 12.4.8 (TYPO3-CORE-SA-2023-005)
2023-11-14 00:00:00
nvd
nvd
CVE-2023-47126
2023-11-14 20:15:08
github
github
Information Disclosure in typo3/cms-install tool
2023-11-14 20:34:26
prion
prion
Design/Logic Flaw
2023-11-14 20:15:00
freebsd
freebsd
typo3 -- Multiple vulnerabilities
2023-11-14 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.6%
Related for VERACODE:44271