CVE-2024-25121

EPSS 0.23%
Veröffentlicht 13.02.2024 23:15:09
Zuletzt bearbeitet 21.11.2024 09:00:17
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via `DataHandler`. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage ("zero-storage") is used as a backward compatibility layer for files located outside properly configured file storages and within the public web root directory. Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 version 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, or 13.0.1 which fix the problem described. When persisting entities of the File Abstraction Layer directly via DataHandler, `sys_file` entities are now denied by default, and `sys_file_reference` & `sys_file_metadata` entities are not permitted to reference files in the fallback storage anymore. When importing data from secure origins, this must be explicitly enabled in the corresponding DataHandler instance by using `$dataHandler->isImporting = true;`.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Typo3 ≫ Typo3 Version >= 8.0.0 < 8.7.57

Typo3 ≫ Typo3 Version >= 9.0.0 < 9.5.46

Typo3 ≫ Typo3 Version >= 10.0.0 < 10.4.43

Typo3 ≫ Typo3 Version >= 11.0.0 < 11.5.35

Typo3 ≫ Typo3 Version >= 12.0.0 < 12.4.11

Typo3 ≫ Typo3 Version13.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.456

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
security-advisories@github.com	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66

Third Party Advisory

https://typo3.org/security/advisory/typo3-core-sa-2024-006

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-25121

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-25121

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-25121

EUVD