OpenCVE

TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Typo3	Typo3

Configuration 1 [-]

OR	cpe:2.3:a:typo3:typo3::::::::
	cpe:2.3:a:typo3:typo3::::::::
	cpe:2.3:a:typo3:typo3::::::::
	cpe:2.3:a:typo3:typo3::::::::
	cpe:2.3:a:typo3:typo3::::::::
	cpe:2.3:a:typo3:typo3:13.0.0:::::::*

No data.

References

Link	Providers
https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g
https://typo3.org/security/advisory/typo3-core-sa-2024-004

History

Wed, 16 Oct 2024 17:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Typo3 Typo3 typo3
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:typo3:typo3:::::::: cpe:2.3:a:typo3:typo3:13.0.0:::::::*
Vendors & Products		Typo3 Typo3 typo3

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-13T22:16:37.103Z

Updated: 2024-08-01T23:36:21.621Z

Reserved: 2024-02-05T14:14:46.379Z

Link: CVE-2024-25119

Vulnrichment

Updated: 2024-08-01T23:36:21.621Z

NVD

Status : Analyzed

Published: 2024-02-13T23:15:08.640

Modified: 2024-10-16T16:42:06.450

Link: CVE-2024-25119

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-25119", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-02-05T14:14:46.379Z", "datePublished": "2024-02-13T22:16:37.103Z", "dateUpdated": "2024-08-01T23:36:21.621Z"}, "containers": {"cna": {"title": "Information Disclosure of Encryption Key in TYPO3 Install Tool", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g"}, {"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "tags": ["x_refsource_MISC"], "url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004"}], "affected": [{"vendor": "TYPO3", "product": "typo3", "versions": [{"version": ">= 13.0.0, < 13.0.1", "status": "affected"}, {"version": ">= 12.0.0, < 12.4.11", "status": "affected"}, {"version": ">= 11.0.0, < 11.5.35", "status": "affected"}, {"version": ">= 10.0.0, < 10.4.43", "status": "affected"}, {"version": ">= 9.0.0, < 9.5.46", "status": "affected"}, {"version": ">= 8.0.0, < 8.7.57", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-13T22:16:37.103Z"}, "descriptions": [{"lang": "en", "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-h47m-3f78-qp9g", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-25119", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-14T15:01:19.406111Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:35:39.545Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:21.621Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g"}, {"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:21.621Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-25119", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-14T15:01:19.406111Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:11.356Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Information Disclosure of Encryption Key in TYPO3 Install Tool", "source": {"advisory": "GHSA-h47m-3f78-qp9g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "TYPO3", "product": "typo3", "versions": [{"status": "affected", "version": ">= 13.0.0, < 13.0.1"}, {"status": "affected", "version": ">= 12.0.0, < 12.4.11"}, {"status": "affected", "version": ">= 11.0.0, < 11.5.35"}, {"status": "affected", "version": ">= 10.0.0, < 10.4.43"}, {"status": "affected", "version": ">= 9.0.0, < 9.5.46"}, {"status": "affected", "version": ">= 8.0.0, < 8.7.57"}]}], "references": [{"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-13T22:16:37.103Z"}}}, "cveMetadata": {"cveId": "CVE-2024-25119", "state": "PUBLISHED", "dateUpdated": "2024-08-01T23:36:21.621Z", "dateReserved": "2024-02-05T14:14:46.379Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-02-13T22:16:37.103Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", "matchCriteriaId": "D27B5B1C-F807-411B-BCA1-112C85BDC3E5", "versionEndExcluding": "8.7.57", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1F52D81-C2B7-4AFE-A99E-7E40E0751082", "versionEndExcluding": "9.5.46", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCF72A1A-60DD-4588-8E90-B5D6D84854A9", "versionEndExcluding": "10.4.43", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAE0085D-3BA8-4076-BAB0-04BBB118A78D", "versionEndExcluding": "11.5.35", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D518ED7-F1C8-4836-B3D8-4D228A48F314", "versionEndExcluding": "12.4.11", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E20E3F5E-8C2B-4AC1-A3E3-B428710A5480", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "TYPO3 es un sistema de gesti\u00f3n de contenido web basado en PHP de c\u00f3digo abierto publicado bajo GNU GPL. El valor de texto plano de `$GLOBALS['SYS']['encryptionKey']` se mostr\u00f3 en los formularios de edici\u00f3n de la interfaz de usuario de la herramienta de instalaci\u00f3n TYPO3. Esto permiti\u00f3 a los atacantes utilizar el valor para generar hashes criptogr\u00e1ficos utilizados para verificar la autenticidad de los par\u00e1metros de solicitud HTTP. Para explotar esta vulnerabilidad se requiere una cuenta de usuario backend de nivel de administrador con permisos de fabricante del sistema. Se recomienda a los usuarios actualizar a las versiones 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 de TYPO3 que solucionan el problema descrito. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2024-25119", "lastModified": "2024-10-16T16:42:06.450", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-02-13T23:15:08.640", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}]}