CVE-2024-25119 Information Disclosure of Encryption Key in TYPO3 Install Tool

2024-02-1322:16:37

CWE-200

GitHub_M

www.cve.org

typo3

encryption key

information disclosure

cve-2024-25119

install tool

gnu gpl

php

web content management

cryptographic hashes

administrator

backend user

system maintainer

elts

lts

security vulnerability

update

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of $GLOBALS['SYS']['encryptionKey'] was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability.

CNA Affected

[
  {
    "vendor": "TYPO3",
    "product": "typo3",
    "versions": [
      {
        "version": ">= 13.0.0, < 13.0.1",
        "status": "affected"
      },
      {
        "version": ">= 12.0.0, < 12.4.11",
        "status": "affected"
      },
      {
        "version": ">= 11.0.0, < 11.5.35",
        "status": "affected"
      },
      {
        "version": ">= 10.0.0, < 10.4.43",
        "status": "affected"
      },
      {
        "version": ">= 9.0.0, < 9.5.46",
        "status": "affected"
      },
      {
        "version": ">= 8.0.0, < 8.7.57",
        "status": "affected"
      }
    ]
  }
]