GHSA-P9MP-VQ4V-V5M5

Vulnerability from github – Published: 2024-05-15 21:30 – Updated: 2024-05-15 21:30
VLAI
Summary
eZ Publish Legacy Passwordless login for LDAP users
Details

This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy.

Installations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may in rare cases be vulnerable to a failure of the standard login handler to verify passwords correctly, allowing unauthorised access.

If your installation has never used the LDAP or TextFile login handlers, or never used legacy login at all, then it is not affected. Still, we recommend installing the update, to be on the safe side.

To install, use Composer to update to one of the "Resolving versions" mentioned above, or apply this patch manually: https://github.com/ezsystems/ezpublish-legacy/commit/13f03a2be6c0ee4d0caaafaef05904ea9b0c4d9d

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "ezsystems/ezpublish-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2018.9.0"
            },
            {
              "fixed": "2018.9.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "ezsystems/ezpublish-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2018.6.0"
            },
            {
              "fixed": "2018.6.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "ezsystems/ezpublish-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2011.0.0"
            },
            {
              "fixed": "2017.12.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "ezsystems/ezpublish-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.4.0"
            },
            {
              "fixed": "5.4.12.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "ezsystems/ezpublish-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.3.0"
            },
            {
              "fixed": "5.3.12.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-285"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-15T21:30:03Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy.\n\nInstallations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may in rare cases be vulnerable to a failure of the standard login handler to verify passwords correctly, allowing unauthorised access.\n\nIf your installation has never used the LDAP or TextFile login handlers, or never used legacy login at all, then it is not affected. Still, we recommend installing the update, to be on the safe side.\n\nTo install, use Composer to update to one of the \"Resolving versions\" mentioned above, or apply this patch manually:\nhttps://github.com/ezsystems/ezpublish-legacy/commit/13f03a2be6c0ee4d0caaafaef05904ea9b0c4d9d\n\n",
  "id": "GHSA-p9mp-vq4v-v5m5",
  "modified": "2024-05-15T21:30:03Z",
  "published": "2024-05-15T21:30:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ezsystems/ezpublish-legacy/pull/1394"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ezsystems/ezpublish-legacy/commit/01930a95637389301f762be1439f726013e58aba"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-10-31-1.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ezsystems/ezpublish-legacy"
    },
    {
      "type": "WEB",
      "url": "https://issues.ibexa.co/browse/EZP-29703"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20201027063527/https://magento.com/security/news/new-zend-framework-1-security-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20210614184552/https://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "eZ Publish Legacy Passwordless login for LDAP users"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…