CVE-2010-1022

Опубликовано: 19 мар. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 allows remote attackers to bypass authentication via unspecified vectors.

Ссылки

http://secunia.com/advisories/38992
Vendor Advisory
http://typo3.org/extensions/repository/view/t3sec_saltedpw/0.2.13/
Patch
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/
Patch
Vendor Advisory
http://www.securityfocus.com/bid/38799
http://secunia.com/advisories/38992
Vendor Advisory
http://typo3.org/extensions/repository/view/t3sec_saltedpw/0.2.13/
Patch
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/
Patch
Vendor Advisory
http://www.securityfocus.com/bid/38799

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:marcus_krause:t3sec_saltedpw:*:*:*:*:*:*:*:*

Версия до 0.2.12 (включая)

cpe:2.3:a:marcus_krause:t3sec_saltedpw:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:marcus_krause:t3sec_saltedpw:0.2.9:*:*:*:*:*:*:*

cpe:2.3:a:marcus_krause:t3sec_saltedpw:0.2.10:*:*:*:*:*:*:*

cpe:2.3:a:marcus_krause:t3sec_saltedpw:0.2.11:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00383

Низкий

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-cgr9-h9qq-x9fx

github

почти 4 года назад

TYPO3 Authentication Bypass via Salted user password hashes extension