CVE-2023-47127
TYPO3 vulnerable to Weak Authentication in Session Handling
Description
> ### CVSS: `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:X/RL:O/RC:C` (4.0) ### Problem Given that there are at least two different sites in the same TYPO3 installation - for instance _first.example.org_ and _second.example.com_ - then a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability primarily affects the frontend of the website. It's important to note that exploiting this vulnerability requires a valid user account. ### Solution Update to TYPO3 versions 8.7.55 ELTS, 9.5.44 ELTS, 10.4.41 ELTS, 11.5.33, 12.4.8 that fix the problem described above. ### Credits Thanks to Rémy Daniel who reported this issue, and to TYPO3 core & security team member Benjamin Franzke who fixed the issue. ### References * [TYPO3-CORE-SA-2023-006](https://typo3.org/security/advisory/typo3-core-sa-2023-006)
How to fix CVE-2023-47127
To remediate CVE-2023-47127, upgrade the affected package to a fixed version below.
- —upgrade to 8.7.55 or later
- —upgrade to 8.7.55 or later
Is CVE-2023-47127 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- >= 8.0.0, < 8.7.55, >= 9.0.0, < 9.5.44, >= 10.0.0, < 10.4.41, >= 11.0.0, < 11.5.33, >= 12.0.0, < 12.4.8
- >= 8.0.0, < 8.7.55
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.2 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N |