CVE-2013-7081

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-7081
The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://seclists.org/oss-sec/2013/q4/473
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ Vendor Advisory
http://www.debian.org/security/2014/dsa-2834
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:typo3:typo3:6.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.0.11:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:typo3:typo3:6.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:6.1.6:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:typo3:typo3:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.12:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.13:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.14:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.15:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.7.16:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:typo3:typo3:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.13:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.14:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.15:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.16:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.17:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.18:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.19:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.20:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.21:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.22:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.23:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.24:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.25:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.26:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.27:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.28:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.29:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.30:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.5.31:*:*:*:*:*:*:*
History

No history.

Information

Published : 2013-12-23 23:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-7081

Mitre link : CVE-2013-7081

CVE.ORG link : CVE-2013-7081

JSON object : View

Products Affected

typo3

  • typo3
CWE
CWE-264

Permissions, Privileges, and Access Controls