Описание
The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:typo3:typo3:6.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00186
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
ubuntu
больше 11 лет назад
The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.
debian
больше 11 лет назад
The Authentication component in TYPO3 6.2.0 before 6.2.3 does not prop ...
EPSS
Процентиль: 41%
0.00186
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-287