CVE-2024-25118 – typo3/cms-core

Package

Manager: composer
Name: typo3/cms-core
Vulnerable Version: >=8.0.0 <8.7.57 || >=9.0.0 <9.5.46 || >=10.0.0 <10.4.43 || >=11.0.0 <11.5.35 || >=12.0.0 <12.4.11 || =13.0.0 || >=13.0.0 <13.0.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00388 pctl0.59158

Details

TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords ### Problem Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account. ### Solution Update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. ### Credits Thanks to the TYPO3 framework merger Christian Kuhn and external security researchers Maximilian Beckmann, Klaus-Günther Schmidt who reported this issue, and TYPO3 security team member Oliver Hader who fixed the issue. ### References * [TYPO3-CORE-SA-2024-003](https://typo3.org/security/advisory/typo3-core-sa-2024-003)

Metadata

Created: 2024-02-13T16:58:51Z
Modified: 2024-02-14T14:53:24Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-38r2-5695-334w/GHSA-38r2-5695-334w.json
CWE IDs: ["CWE-200"]
Alternative ID: GHSA-38r2-5695-334w
Finding: F038
Auto approve: 1