CWE: 203, 200

CVE-2022-24784: Discoverability of user password hash in Statamic CMS

First published: Fri Mar 25 2022 (Updated: )

Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response; however, the presence or absence of a result confirms whether the character is in the right position. The API has throttling enabled by default, making this a time-intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above.
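As an added defensive example (not code from the advisory or from Statamic itself): a small Python check that recognises filter parameters on the users endpoint that target the password field. The same predicate can reject such requests at a gateway and count them per source address in access logs, which is where the per-character probing described above becomes visible. The `/api/users` path, the `filter[field:condition]` key format, the log line layout and the sensitive-field list are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Fields that must never be filterable through a public REST endpoint (assumed list).
SENSITIVE_FIELDS = {"password", "password_hash"}
USERS_ENDPOINT = "/api/users"  # assumed path of the users endpoint

# Matches filter keys such as filter[password:regex] (assumed key format).
FILTER_KEY = re.compile(r"^filter\[(?P<field>[^:\]]+)(?::(?P<cond>[^\]]+))?\]$")
# Minimal access-log layout: client IP, request line, status (assumed format).
LOG_LINE = re.compile(r'^(?P<ip>\S+) "GET (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def parse_filters(target: str):
    """Return (field, condition) pairs found in a request target's query string."""
    found = []
    for key, _value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        m = FILTER_KEY.match(key)
        if m:
            found.append((m.group("field"), m.group("cond") or "is"))
    return found


def is_sensitive_filter(target: str) -> bool:
    """True when the request filters the users endpoint on a sensitive field.

    Usable as a reject rule in front of the API and as a detection predicate over logs.
    """
    if urlsplit(target).path != USERS_ENDPOINT:
        return False
    return any(field in SENSITIVE_FIELDS for field, _cond in parse_filters(target))


def flag_sources(log_text: str, threshold: int = 1):
    """Count sensitive-field filter requests per client IP; return those at or above threshold."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m and is_sensitive_filter(m.group("target")):
            counts[m.group("ip")] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


# Constructed sample log lines; the first three show one client probing successive hash characters.
SAMPLE_LOG = """\
10.0.0.5 "GET /api/users?filter[password:regex]=^%5C%242y%5C%2410%5C%24a HTTP/1.1" 200
10.0.0.5 "GET /api/users?filter[password:regex]=^%5C%242y%5C%2410%5C%24b HTTP/1.1" 200
10.0.0.5 "GET /api/users?filter[password:regex]=^%5C%242y%5C%2410%5C%24c HTTP/1.1" 200
10.0.0.9 "GET /api/users?filter[name:contains]=jane HTTP/1.1" 200
10.0.0.9 "GET /api/collections/blog/entries?filter[title:regex]=^Hello HTTP/1.1" 200
"""
```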

Credit: security-advisories@github.com

Affected Software    Affected Version    How to fix
Statamic Statamic    <3.2.39             Upgrade to 3.2.39 or later
Statamic Statamic    >=3.3.0 <3.3.2      Upgrade to 3.3.2 or later


Frequently Asked Questions

  • What is CVE-2022-24784?

    CVE-2022-24784 is a vulnerability in Statamic CMS versions before 3.2.39 and versions 3.3.0 up to but not including 3.3.2 that allows an attacker to uncover a user's password hash using a specially crafted regular expression filter.

  • How does CVE-2022-24784 work?

    CVE-2022-24784 works by making multiple requests to the users endpoint of the REST API with a specially crafted regular expression filter; each request confirms whether one character of the hash is in a given position, and repeated requests reveal the entire password hash.

  • What is the severity of CVE-2022-24784?

    CVE-2022-24784 has a severity rating of medium with a value of 3.7.

  • How can I check if my Statamic CMS version is affected?

    You can check if your Statamic CMS version is affected by CVE-2022-24784 by verifying whether it is either below version 3.2.39 or between version 3.3.0 and 3.3.1 inclusive. Note that the vulnerable users endpoint and the REST API are both disabled by default.

  • How do I fix CVE-2022-24784?

    To fix CVE-2022-24784, you should update your Statamic CMS to version 3.2.39 or later on the 3.2 branch, or to version 3.3.2 or later.

© 2025 SecAlerts Pty Ltd.