Vulnerability-Lookup

CVE-2022-31046 (GCVE-0-2022-31046)

Vulnerability from cvelistv5 – Published: 2022-06-14 20:40 – Updated: 2025-04-23 18:15

Title

Information Disclosure via Export Module in TYPO3 CMS

Summary

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/TYPO3/typo3/security/advisorie…	x_refsource_CONFIRM
	https://github.com/TYPO3/typo3/commit/7447a3d1283…	x_refsource_MISC
	https://typo3.org/security/advisory/typo3-core-sa…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	TYPO3	typo3	Affected: >= 7.0.0, < 7.6.57 Affected: >= 8.0.0, < 8.7.47 Affected: >= 9.0.0, < 9.5.34 Affected: >= 10.0.0, < 10.4.29 Affected: >= 11.0.0, < 11.5.11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:03:40.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31046",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T14:05:21.117586Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:15:44.206Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "typo3",
          "vendor": "TYPO3",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.6.57"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0, \u003c 8.7.47"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0, \u003c 9.5.34"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.0.0, \u003c 10.4.29"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0, \u003c 11.5.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-14T22:00:32.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
        }
      ],
      "source": {
        "advisory": "GHSA-8gmv-9hwg-w89g",
        "discovery": "UNKNOWN"
      },
      "title": "Information Disclosure via Export Module in TYPO3 CMS",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31046",
          "STATE": "PUBLIC",
          "TITLE": "Information Disclosure via Export Module in TYPO3 CMS"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "typo3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 7.0.0, \u003c 7.6.57"
                          },
                          {
                            "version_value": "\u003e= 8.0.0, \u003c 8.7.47"
                          },
                          {
                            "version_value": "\u003e= 9.0.0, \u003c 9.5.34"
                          },
                          {
                            "version_value": "\u003e= 10.0.0, \u003c 10.4.29"
                          },
                          {
                            "version_value": "\u003e= 11.0.0, \u003c 11.5.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "TYPO3"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g",
              "refsource": "CONFIRM",
              "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
            },
            {
              "name": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9",
              "refsource": "MISC",
              "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
            },
            {
              "name": "https://typo3.org/security/advisory/typo3-core-sa-2022-001",
              "refsource": "MISC",
              "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-8gmv-9hwg-w89g",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31046",
    "datePublished": "2022-06-14T20:40:22.000Z",
    "dateReserved": "2022-05-18T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:15:44.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.6.57\", \"matchCriteriaId\": \"A15251A1-BC05-4C05-AED2-0E2CF75BB054\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndExcluding\": \"8.7.47\", \"matchCriteriaId\": \"CD542E1B-F3BA-4816-B97D-D877EFADA02D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\", \"versionStartIncluding\": \"9.0.0\", \"versionEndExcluding\": \"9.5.35\", \"matchCriteriaId\": \"83732441-A020-4401-A274-067B95354BB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.4.29\", \"matchCriteriaId\": \"272C6A8B-94DB-4A74-BB3A-24CD0486DFA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndExcluding\": \"11.5.11\", \"matchCriteriaId\": \"772D645D-5158-416C-BF2C-74E5E43EF1DC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.\"}, {\"lang\": \"es\", \"value\": \"TYPO3 es un sistema de administraci\\u00f3n de contenidos web de c\\u00f3digo abierto. En versiones anteriores a 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29 y 11.5.11, la funcionalidad de exportaci\\u00f3n no limitaba el conjunto de resultados a las columnas permitidas de una tabla de base de datos concreta. De este modo, los usuarios autenticados pueden exportar detalles internos de las tablas de la base de datos a las que ya presentan acceso. TYPO3 versiones 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 corrigen el problema descrito anteriormente. Para abordar este problema, el acceso a la mencionada funcionalidad de exportaci\\u00f3n est\\u00e1 completamente denegado para los usuarios habituales del backend\"}]",
      "id": "CVE-2022-31046",
      "lastModified": "2024-11-21T07:03:46.810",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-06-14T21:15:15.987",
      "references": "[{\"url\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-319\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-31046\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-06-14T21:15:15.987\",\"lastModified\":\"2024-11-21T07:03:46.810\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.\"},{\"lang\":\"es\",\"value\":\"TYPO3 es un sistema de administraci\u00f3n de contenidos web de c\u00f3digo abierto. En versiones anteriores a 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29 y 11.5.11, la funcionalidad de exportaci\u00f3n no limitaba el conjunto de resultados a las columnas permitidas de una tabla de base de datos concreta. De este modo, los usuarios autenticados pueden exportar detalles internos de las tablas de la base de datos a las que ya presentan acceso. TYPO3 versiones 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 corrigen el problema descrito anteriormente. Para abordar este problema, el acceso a la mencionada funcionalidad de exportaci\u00f3n est\u00e1 completamente denegado para los usuarios habituales del backend\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-319\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.6.57\",\"matchCriteriaId\":\"A15251A1-BC05-4C05-AED2-0E2CF75BB054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.7.47\",\"matchCriteriaId\":\"CD542E1B-F3BA-4816-B97D-D877EFADA02D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.5.35\",\"matchCriteriaId\":\"83732441-A020-4401-A274-067B95354BB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.4.29\",\"matchCriteriaId\":\"272C6A8B-94DB-4A74-BB3A-24CD0486DFA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.5.11\",\"matchCriteriaId\":\"772D645D-5158-416C-BF2C-74E5E43EF1DC\"}]}]}],\"references\":[{\"url\":\"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://typo3.org/security/advisory/typo3-core-sa-2022-001\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://typo3.org/security/advisory/typo3-core-sa-2022-001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:03:40.293Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31046\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T14:05:21.117586Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T14:05:22.531Z\"}}], \"cna\": {\"title\": \"Information Disclosure via Export Module in TYPO3 CMS\", \"source\": {\"advisory\": \"GHSA-8gmv-9hwg-w89g\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"TYPO3\", \"product\": \"typo3\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 7.0.0, \u003c 7.6.57\"}, {\"status\": \"affected\", \"version\": \"\u003e= 8.0.0, \u003c 8.7.47\"}, {\"status\": \"affected\", \"version\": \"\u003e= 9.0.0, \u003c 9.5.34\"}, {\"status\": \"affected\", \"version\": \"\u003e= 10.0.0, \u003c 10.4.29\"}, {\"status\": \"affected\", \"version\": \"\u003e= 11.0.0, \u003c 11.5.11\"}]}], \"references\": [{\"url\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-06-14T22:00:32.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, \"source\": {\"advisory\": \"GHSA-8gmv-9hwg-w89g\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003e= 7.0.0, \u003c 7.6.57\"}, {\"version_value\": \"\u003e= 8.0.0, \u003c 8.7.47\"}, {\"version_value\": \"\u003e= 9.0.0, \u003c 9.5.34\"}, {\"version_value\": \"\u003e= 10.0.0, \u003c 10.4.29\"}, {\"version_value\": \"\u003e= 11.0.0, \u003c 11.5.11\"}]}, \"product_name\": \"typo3\"}]}, \"vendor_name\": \"TYPO3\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"name\": \"https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"name\": \"https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9\", \"refsource\": \"MISC\"}, {\"url\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"name\": \"https://typo3.org/security/advisory/typo3-core-sa-2022-001\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-31046\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Information Disclosure via Export Module in TYPO3 CMS\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-31046\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T18:15:44.206Z\", \"dateReserved\": \"2022-05-18T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-06-14T20:40:22.000Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2022-AVI-549

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans TYPO3. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Typo3	Typo3	TYPO3 versions 8.x antérieures à 8.7.47 ELTS
Typo3	Typo3	TYPO3 versions 7.x antérieures à 7.6.57 ELTS
Typo3	Typo3	TYPO3 versions 9.x antérieures à 9.5.35 ELTS
Typo3	Typo3	TYPO3 versions 10.x antérieures à 10.4.29
Typo3	Typo3	TYPO3 versions 11.x antérieures à 11.5.11

References

Title

Publication Time

Tags

Bulletin de sécurité TYPO3 GHSA-fh99-4pgr-8j99 du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-wwjw-r3gj-39fq du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-h4mx-xv96-2jgm du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-8gmv-9hwg-w89g du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-3r95-23jp-mhvg du 14 juin 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TYPO3 versions 8.x ant\u00e9rieures \u00e0 8.7.47 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 7.x ant\u00e9rieures \u00e0 7.6.57 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 9.x ant\u00e9rieures \u00e0 9.5.35 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 10.x ant\u00e9rieures \u00e0 10.4.29",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 11.x ant\u00e9rieures \u00e0 11.5.11",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-31046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31046"
    },
    {
      "name": "CVE-2022-31050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31050"
    },
    {
      "name": "CVE-2022-31047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31047"
    },
    {
      "name": "CVE-2022-31049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31049"
    },
    {
      "name": "CVE-2022-31048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31048"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-549",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans TYPO3. Elles\npermettent \u00e0 un attaquant de provoquer un contournement de la politique\nde s\u00e9curit\u00e9, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans TYPO3",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-fh99-4pgr-8j99 du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-fh99-4pgr-8j99"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-wwjw-r3gj-39fq du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wwjw-r3gj-39fq"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-h4mx-xv96-2jgm du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h4mx-xv96-2jgm"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-8gmv-9hwg-w89g du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-3r95-23jp-mhvg du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3r95-23jp-mhvg"
    }
  ]
}

CERTFR-2022-AVI-549

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Typo3	Typo3	TYPO3 versions 8.x antérieures à 8.7.47 ELTS
Typo3	Typo3	TYPO3 versions 7.x antérieures à 7.6.57 ELTS
Typo3	Typo3	TYPO3 versions 9.x antérieures à 9.5.35 ELTS
Typo3	Typo3	TYPO3 versions 10.x antérieures à 10.4.29
Typo3	Typo3	TYPO3 versions 11.x antérieures à 11.5.11

References

Title

Publication Time

Tags

Bulletin de sécurité TYPO3 GHSA-fh99-4pgr-8j99 du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-wwjw-r3gj-39fq du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-h4mx-xv96-2jgm du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-8gmv-9hwg-w89g du 14 juin 2022	None	vendor-advisory
Bulletin de sécurité TYPO3 GHSA-3r95-23jp-mhvg du 14 juin 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TYPO3 versions 8.x ant\u00e9rieures \u00e0 8.7.47 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 7.x ant\u00e9rieures \u00e0 7.6.57 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 9.x ant\u00e9rieures \u00e0 9.5.35 ELTS",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 10.x ant\u00e9rieures \u00e0 10.4.29",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    },
    {
      "description": "TYPO3 versions 11.x ant\u00e9rieures \u00e0 11.5.11",
      "product": {
        "name": "Typo3",
        "vendor": {
          "name": "Typo3",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-31046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31046"
    },
    {
      "name": "CVE-2022-31050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31050"
    },
    {
      "name": "CVE-2022-31047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31047"
    },
    {
      "name": "CVE-2022-31049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31049"
    },
    {
      "name": "CVE-2022-31048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31048"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-549",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans TYPO3. Elles\npermettent \u00e0 un attaquant de provoquer un contournement de la politique\nde s\u00e9curit\u00e9, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans TYPO3",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-fh99-4pgr-8j99 du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-fh99-4pgr-8j99"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-wwjw-r3gj-39fq du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wwjw-r3gj-39fq"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-h4mx-xv96-2jgm du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h4mx-xv96-2jgm"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-8gmv-9hwg-w89g du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TYPO3 GHSA-3r95-23jp-mhvg du 14 juin 2022",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3r95-23jp-mhvg"
    }
  ]
}

GHSA-8GMV-9HWG-W89G

Vulnerability from github – Published: 2022-06-17 20:52 – Updated: 2022-06-24 19:13

Summary

Information Disclosure via Export Module

Details

Meta

CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C (4.0)

Problem

The export functionality fails to limit the result set to allowed columns of a particular database table. This allows authenticated users to export internal details of database tables to which they already have access.

Solution

Update to TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.35 ELTS, 10.4.29, 11.5.11 that fix the problem described above.

In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.

ℹ️ Strong security defaults - Manual actions required Following User TSconfig setting would allow using the export functionality for particular users:

options.impexp.enableExportForNonAdminUser = 1

Credits

Thanks to TYPO3 core merger Lina Wolf who reported this issue and to TYPO3 security member Torben Hansen who fixed the issue.

References

TYPO3-CORE-SA-2022-001

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.6.57"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.7.47"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.5.35"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.4.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.5.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.4.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.5.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-319"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-17T20:52:47Z",
    "nvd_published_at": "2022-06-14T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "\u003e ### Meta\n\u003e * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C` (4.0)\n\n### Problem\nThe export functionality fails to limit the result set to allowed columns of a particular database table. This allows authenticated users to export internal details of database tables to which they already have access.\n\n### Solution\nUpdate to TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.35 ELTS, 10.4.29, 11.5.11 that fix the problem described above.\n\nIn order to address this issue, access to mentioned export functionality is completely denied for regular backend users.\n\n\u2139\ufe0f  **Strong security defaults - Manual actions required**\nFollowing User TSconfig setting would allow using the export functionality for particular users:\n```\noptions.impexp.enableExportForNonAdminUser = 1\n```\n\n### Credits\nThanks to TYPO3 core merger Lina Wolf who reported this issue and to TYPO3 security member Torben Hansen  who fixed the issue.\n\n### References\n* [TYPO3-CORE-SA-2022-001](https://typo3.org/security/advisory/typo3-core-sa-2022-001)",
  "id": "GHSA-8gmv-9hwg-w89g",
  "modified": "2022-06-24T19:13:36Z",
  "published": "2022-06-17T20:52:47Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31046"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-31046.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31046.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TYPO3-CMS/core"
    },
    {
      "type": "WEB",
      "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Information Disclosure via Export Module"
}

GSD-2022-31046

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-31046

Aliases

CVE-2022-31046

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31046",
    "description": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.",
    "id": "GSD-2022-31046"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31046"
      ],
      "details": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.",
      "id": "GSD-2022-31046",
      "modified": "2023-12-13T01:19:17.645384Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-31046",
        "STATE": "PUBLIC",
        "TITLE": "Information Disclosure via Export Module in TYPO3 CMS"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "typo3",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003e= 7.0.0, \u003c 7.6.57"
                        },
                        {
                          "version_value": "\u003e= 8.0.0, \u003c 8.7.47"
                        },
                        {
                          "version_value": "\u003e= 9.0.0, \u003c 9.5.34"
                        },
                        {
                          "version_value": "\u003e= 10.0.0, \u003c 10.4.29"
                        },
                        {
                          "version_value": "\u003e= 11.0.0, \u003c 11.5.11"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "TYPO3"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g",
            "refsource": "CONFIRM",
            "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
          },
          {
            "name": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9",
            "refsource": "MISC",
            "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
          },
          {
            "name": "https://typo3.org/security/advisory/typo3-core-sa-2022-001",
            "refsource": "MISC",
            "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-8gmv-9hwg-w89g",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=7.0.0,\u003c7.6.57||\u003e=8.0.0,\u003c8.7.47||\u003e=9.0.0,\u003c9.5.35||\u003e=10.0.0,\u003c10.4.29||\u003e=11.0.0,\u003c11.5.11",
          "affected_versions": "All versions starting from 7.0.0 before 7.6.57, all versions starting from 8.0.0 before 8.7.47, all versions starting from 9.0.0 before 9.5.35, all versions starting from 10.0.0 before 10.4.29, all versions starting from 11.0.0 before 11.5.11",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-937"
          ],
          "date": "2022-06-23",
          "description": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.",
          "fixed_versions": [
            "7.6.57",
            "8.7.47",
            "9.5.35",
            "10.4.29",
            "11.5.11"
          ],
          "identifier": "CVE-2022-31046",
          "identifiers": [
            "GHSA-8gmv-9hwg-w89g",
            "CVE-2022-31046"
          ],
          "not_impacted": "All versions before 7.0.0, all versions starting from 7.6.57 before 8.0.0, all versions starting from 8.7.47 before 9.0.0, all versions starting from 9.5.35 before 10.0.0, all versions starting from 10.4.29 before 11.0.0, all versions starting from 11.5.11",
          "package_slug": "packagist/typo3/cms-core",
          "pubdate": "2022-06-17",
          "solution": "Upgrade to versions 7.6.57, 8.7.47, 9.5.35, 10.4.29, 11.5.11 or above.",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor",
          "urls": [
            "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-31046",
            "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9",
            "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-31046.yaml",
            "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31046.yaml",
            "https://typo3.org/security/advisory/typo3-core-sa-2022-001",
            "https://github.com/advisories/GHSA-8gmv-9hwg-w89g"
          ],
          "uuid": "50216aa1-69b5-4d35-9d54-3610003bccdb"
        },
        {
          "affected_range": "\u003e=10.0.0,\u003c10.4.29||\u003e=11.0.0,\u003c11.5.11",
          "affected_versions": "All versions starting from 10.0.0 before 10.4.29, all versions starting from 11.0.0 before 11.5.11",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-937"
          ],
          "date": "2022-06-23",
          "description": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.",
          "fixed_versions": [
            "10.4.29",
            "11.5.11"
          ],
          "identifier": "CVE-2022-31046",
          "identifiers": [
            "GHSA-8gmv-9hwg-w89g",
            "CVE-2022-31046"
          ],
          "not_impacted": "All versions before 10.0.0, all versions starting from 10.4.29 before 11.0.0, all versions starting from 11.5.11",
          "package_slug": "packagist/typo3/cms",
          "pubdate": "2022-06-17",
          "solution": "Upgrade to versions 10.4.29, 11.5.11 or above.",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor",
          "urls": [
            "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-31046",
            "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9",
            "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-31046.yaml",
            "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31046.yaml",
            "https://typo3.org/security/advisory/typo3-core-sa-2022-001",
            "https://github.com/advisories/GHSA-8gmv-9hwg-w89g"
          ],
          "uuid": "5492b3ef-9142-467b-a5e3-977ad34064f6"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.5.11",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.4.29",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.7.47",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.5.35",
                "versionStartIncluding": "9.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.6.57",
                "versionStartIncluding": "7.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31046"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-319"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://typo3.org/security/advisory/typo3-core-sa-2022-001",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
            },
            {
              "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
            },
            {
              "name": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2022-06-23T19:52Z",
      "publishedDate": "2022-06-14T21:15Z"
    }
  }
}

FKIE_CVE-2022-31046

Vulnerability from fkie_nvd - Published: 2022-06-14 21:15 - Updated: 2024-11-21 07:03

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g	Third Party Advisory
security-advisories@github.com	https://typo3.org/security/advisory/typo3-core-sa-2022-001	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://typo3.org/security/advisory/typo3-core-sa-2022-001	Vendor Advisory

Impacted products

Vendor	Product	Version
typo3	typo3	*
typo3	typo3	*
typo3	typo3	*
typo3	typo3	*
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
              "matchCriteriaId": "A15251A1-BC05-4C05-AED2-0E2CF75BB054",
              "versionEndExcluding": "7.6.57",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
              "matchCriteriaId": "CD542E1B-F3BA-4816-B97D-D877EFADA02D",
              "versionEndExcluding": "8.7.47",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
              "matchCriteriaId": "83732441-A020-4401-A274-067B95354BB6",
              "versionEndExcluding": "9.5.35",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "272C6A8B-94DB-4A74-BB3A-24CD0486DFA7",
              "versionEndExcluding": "10.4.29",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "772D645D-5158-416C-BF2C-74E5E43EF1DC",
              "versionEndExcluding": "11.5.11",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users."
    },
    {
      "lang": "es",
      "value": "TYPO3 es un sistema de administraci\u00f3n de contenidos web de c\u00f3digo abierto. En versiones anteriores a 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29 y 11.5.11, la funcionalidad de exportaci\u00f3n no limitaba el conjunto de resultados a las columnas permitidas de una tabla de base de datos concreta. De este modo, los usuarios autenticados pueden exportar detalles internos de las tablas de la base de datos a las que ya presentan acceso. TYPO3 versiones 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 corrigen el problema descrito anteriormente. Para abordar este problema, el acceso a la mencionada funcionalidad de exportaci\u00f3n est\u00e1 completamente denegado para los usuarios habituales del backend"
    }
  ],
  "id": "CVE-2022-31046",
  "lastModified": "2024-11-21T07:03:46.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-14T21:15:15.987",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/TYPO3/typo3/commit/7447a3d1283017d2ee08737a7972c720001a93e9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8gmv-9hwg-w89g"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-001"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-31046 (GCVE-0-2022-31046)

CERTFR-2022-AVI-549

Solution

CERTFR-2022-AVI-549

Solution

GHSA-8GMV-9HWG-W89G

Meta

Problem

Solution

Credits

References

GSD-2022-31046

FKIE_CVE-2022-31046

Tags

Sightings

Nomenclature