CVE-2024-25118: Information Disclosure of Hashed Passwords in TYPO3 Backend Forms
First published: Tue Feb 13 2024(Updated: )
### Problem Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account. ### Solution Update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. ### Credits Thanks to the TYPO3 framework merger Christian Kuhn and external security researchers Maximilian Beckmann, Klaus-Günther Schmidt who reported this issue, and TYPO3 security team member Oliver Hader who fixed the issue. ### References * [TYPO3-CORE-SA-2024-003](https://typo3.org/security/advisory/typo3-core-sa-2024-003)
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/typo3/cms-core | =13.0.0 | 13.0.1 |
| composer/typo3/cms-core | >=12.0.0<=12.4.10 | 12.4.11 |
| composer/typo3/cms-core | >=11.0.0<=11.5.34 | 11.5.35 |
| composer/typo3/cms-core | >=10.0.0<=10.4.42 | 10.4.43 |
| composer/typo3/cms-core | >=9.0.0<=9.5.45 | 9.5.46 |
| composer/typo3/cms-core | >=8.0.0<=8.7.56 | 8.7.57 |
| TYPO3 | >=8.0.0<8.7.57 | |
| TYPO3 | >=9.0.0<9.5.46 | |
| TYPO3 | >=10.0.0<10.4.43 | |
| TYPO3 | >=11.0.0<11.5.35 | |
| TYPO3 | >=12.0.0<12.4.11 | |
| TYPO3 | =13.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w
- https://typo3.org/security/advisory/typo3-core-sa-2024-003
- https://github.com/TYPO3/typo3/commit/1186b2fec8a665a8f228ed66e6d60abf8407c17b
- https://github.com/TYPO3/typo3/commit/c7a135c25a14b852eebe4335f21ba3c606188f3a
- https://github.com/TYPO3/typo3/commit/cafc5af7fdce7734e6c8f9ecf2efd17b246fc049
- https://nvd.nist.gov/vuln/detail/CVE-2024-25118
- https://github.com/advisories/GHSA-38r2-5695-334w (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-25118?
CVE-2024-25118 is classified as a high severity vulnerability due to its potential to expose user passwords.
How do I fix CVE-2024-25118?
To fix CVE-2024-25118, you should update TYPO3 to version 13.0.1 or later, or apply the appropriate patch for earlier versions.
Who is affected by CVE-2024-25118?
CVE-2024-25118 affects users with valid backend accounts in TYPO3 versions prior to the fixed releases.
What are the consequences of exploiting CVE-2024-25118?
Exploiting CVE-2024-25118 allows attackers to potentially crack user passwords using brute force methods, leading to unauthorized access.
What versions of TYPO3 are vulnerable to CVE-2024-25118?
CVE-2024-25118 impacts several TYPO3 versions, including all versions below 13.0.1, as well as earlier versions like 12.4.10 and prior.
- agent/title
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/type
- agent/event
- agent/references
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-38r2-5695-334w
- alias/CVE-2024-25118
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- collector/github-advisory
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- package-manager/composer
- vendor/typo3
- canonical/typo3 typo3
- version/typo3 typo3/8.0.0
- version/typo3 typo3/9.0.0
- version/typo3 typo3/10.0.0
- version/typo3 typo3/11.0.0
- version/typo3 typo3/12.0.0
- version/typo3 typo3/13.0.0