CVE-2024-34358 TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController

2024-05-1414:26:36

CWE-200

CWE-347

GitHub_M

github.com

typo3

uncontrolled resource consumption

showimagecontroller

http

arbitrary number

thumbnail images

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the ShowImageController (_eID tx_cms_showpic_) lacks a cryptographic HMAC-signature on the frame HTTP query parameter (e.g. /index.php?eID=tx_cms_showpic?file=3&...&frame=12345). This allows adversaries to instruct the system to produce an arbitrary number of thumbnail images on the server side. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described.

CNA Affected

[
  {
    "vendor": "TYPO3",
    "product": "typo3",
    "versions": [
      {
        "version": ">= 9.0.0, < 9.5.48",
        "status": "affected"
      },
      {
        "version": ">= 10.0.0, < 10.4.45",
        "status": "affected"
      },
      {
        "version": ">= 11.0.0, < 11.5.37",
        "status": "affected"
      },
      {
        "version": ">= 12.0.0, < 12.4.15",
        "status": "affected"
      },
      {
        "version": ">= 13.0.0, < 13.1.1",
        "status": "affected"
      }
    ]
  }
]