Fluid Attacks Database

Description

TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords

Problem

Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account.

Solution

Update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described.

Credits

Thanks to the TYPO3 framework merger Christian Kuhn and external security researchers Maximilian Beckmann, Klaus-Günther Schmidt who reported this issue, and TYPO3 security team member Oliver Hader who fixed the issue.

References

TYPO3-CORE-SA-2024-003

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
packagist	typo3/cms-core	>=8.0.0 <8.7.57 \|\| >=9.0.0 <9.5.46 \|\| >=10.0.0 <10.4.43 \|\| >=11.0.0 <11.5.35 \|\| >=12.0.0 <12.4.11 \|\| =13.0.0 \|\| >=13.0.0 <13.0.1	8.7.57, 9.5.46, 10.4.43, 11.5.35, 12.4.11, 13.0.1

Aliases

1. CVE-2024-251182. NVD-2024-251183. OSV-2024-251184. GHSA-38r2-5695-334w5. GCVE-2024-25118

References

1. https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w2. https://github.com/TYPO3/typo3/commit/1186b2fec8a665a8f228ed66e6d60abf8407c17b3. https://github.com/TYPO3/typo3/commit/c7a135c25a14b852eebe4335f21ba3c606188f3a4. https://github.com/TYPO3/typo3/commit/cafc5af7fdce7734e6c8f9ecf2efd17b246fc0495. https://typo3.org/security/advisory/typo3-core-sa-2024-003