Lucene search

GoogleOSV:CVE-2022-37783

HistoryDec 05, 2022 - 9:15 p.m.

CVE-2022-37783

2022-12-0521:15:10

Google

osv.dev

craft cms

password hash

disclosure

anti-csrf-tokens

cross site request forgery

yii framework.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

53.7%

JSON

All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site Request Forgery attacks. The CRAFT_CSRF_TOKEN cookie discloses the password hash in without encoding it whereas the corresponding HTML hidden field discloses the users’ password hash in a masked manner, which can be decoded by using public functions of the YII framework.

CPENameOperatorVersion
cmseq2.7.5
cmseq3.1.17.1
cmseq3.2.0-beta.3
cmseq3.1.28
cmseq3.2.1
cmseq3.5.1
cmseq3.3.13
cmseq3.1.27
cmseq3.1.26
cmseq3.1.34.1

Name	Operator	Version
cms	eq	2.7.5
cms	eq	3.1.17.1
cms	eq	3.2.0-beta.3
cms	eq	3.1.28
cms	eq	3.2.1
cms	eq	3.5.1
cms	eq	3.3.13
cms	eq	3.1.27
cms	eq	3.1.26
cms	eq	3.1.34.1

Rows per page:

1-10 of 3781

References

www.openwall.com/lists/oss-security/2024/06/06/1

at-trustit.tuv.at/tuev-trust-it-cves/cve-disclosure-of-password-hashes/

cves.at/posts/cve-2022-37783/writeup/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

53.7%

JSON

Related for OSV:CVE-2022-37783