GHSA-P9MP-VQ4V-V5M5
Vulnerability from github – Published: 2024-05-15 21:30 – Updated: 2024-05-15 21:30This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy.
Installations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may in rare cases be vulnerable to a failure of the standard login handler to verify passwords correctly, allowing unauthorised access.
If your installation has never used the LDAP or TextFile login handlers, or never used legacy login at all, then it is not affected. Still, we recommend installing the update, to be on the safe side.
To install, use Composer to update to one of the "Resolving versions" mentioned above, or apply this patch manually: https://github.com/ezsystems/ezpublish-legacy/commit/13f03a2be6c0ee4d0caaafaef05904ea9b0c4d9d
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "ezsystems/ezpublish-legacy"
},
"ranges": [
{
"events": [
{
"introduced": "2018.9.0"
},
{
"fixed": "2018.9.1.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "ezsystems/ezpublish-legacy"
},
"ranges": [
{
"events": [
{
"introduced": "2018.6.0"
},
{
"fixed": "2018.6.1.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "ezsystems/ezpublish-legacy"
},
"ranges": [
{
"events": [
{
"introduced": "2011.0.0"
},
{
"fixed": "2017.12.4.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "ezsystems/ezpublish-legacy"
},
"ranges": [
{
"events": [
{
"introduced": "5.4.0"
},
{
"fixed": "5.4.12.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "ezsystems/ezpublish-legacy"
},
"ranges": [
{
"events": [
{
"introduced": "5.3.0"
},
{
"fixed": "5.3.12.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-285"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-15T21:30:03Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy.\n\nInstallations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may in rare cases be vulnerable to a failure of the standard login handler to verify passwords correctly, allowing unauthorised access.\n\nIf your installation has never used the LDAP or TextFile login handlers, or never used legacy login at all, then it is not affected. Still, we recommend installing the update, to be on the safe side.\n\nTo install, use Composer to update to one of the \"Resolving versions\" mentioned above, or apply this patch manually:\nhttps://github.com/ezsystems/ezpublish-legacy/commit/13f03a2be6c0ee4d0caaafaef05904ea9b0c4d9d\n\n",
"id": "GHSA-p9mp-vq4v-v5m5",
"modified": "2024-05-15T21:30:03Z",
"published": "2024-05-15T21:30:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ezsystems/ezpublish-legacy/pull/1394"
},
{
"type": "WEB",
"url": "https://github.com/ezsystems/ezpublish-legacy/commit/01930a95637389301f762be1439f726013e58aba"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-10-31-1.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/ezsystems/ezpublish-legacy"
},
{
"type": "WEB",
"url": "https://issues.ibexa.co/browse/EZP-29703"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20201027063527/https://magento.com/security/news/new-zend-framework-1-security-vulnerability"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20210614184552/https://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "eZ Publish Legacy Passwordless login for LDAP users"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.