CVE-2022-24979

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://typo3.org/help/security-advisories	Vendor Advisory
https://typo3.org/security/advisory/typo3-ext-sa-2022-003	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mittwald:varnishcache:*:*:*:*:*:typo3:*:*

History

No history.

Information

Published : 2022-02-19 04:15

Updated : 2024-02-28 19:09

NVD link : CVE-2022-24979

Mitre link : CVE-2022-24979

CVE.ORG link : CVE-2022-24979

JSON object : View

Products Affected

mittwald

varnishcache

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2022-24979", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-02-19T04:15:06.917", "references": [{"url": "https://typo3.org/help/security-advisories", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://typo3.org/security/advisory/typo3-ext-sa-2022-003", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements."}, {"lang": "es", "value": "Se ha detectado un problema en la extensi\u00f3n Varnishcache versiones anteriores a 2.0.1 para TYPO3. El componente del renderizador de elementos de contenido Edge Site Includes (ESI) no incluye una comprobaci\u00f3n de acceso. Esto permite a un usuario no autenticado renderizar varios elementos de contenido, resultando en una referencia directa a objetos insegura (IDOR), con el potencial de exponer elementos de contenido internos"}], "lastModified": "2022-03-07T16:52:07.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mittwald:varnishcache:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "736B1A9E-5D9A-4335-9497-7E8AC5158974", "versionEndExcluding": "2.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}