CVE-2024-47047

An issue was discovered in the powermail extension through 12.4.0 for TYPO3. It fails to validate the mail parameter of the createAction, resulting in Insecure Direct Object Reference (IDOR) in some configurations. An unauthenticated attacker can use this to display user-submitted data of all forms persisted by the extension. The fixed versions are 7.5.1, 8.5.1, 10.9.1, and 12.4.1.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://typo3.org/security/advisory/typo3-ext-sa-2024-007	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:in2code:powermail::::::typo3::*
	cpe:2.3:a:in2code:powermail::::::typo3::*
	cpe:2.3:a:in2code:powermail::::::typo3::*
	cpe:2.3:a:in2code:powermail::::::typo3::*

History

27 Sep 2024, 17:03

Type	Values Removed	Values Added
First Time		In2code powermail In2code
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		CWE-639
CPE		cpe:2.3:a:in2code:powermail::::::typo3::*
References	~~() https://typo3.org/security/advisory/typo3-ext-sa-2024-007 -~~	() https://typo3.org/security/advisory/typo3-ext-sa-2024-007 - Vendor Advisory

20 Sep 2024, 12:30

Type	Values Removed	Values Added
Summary		(es) Se descubrió un problema en la extensión Powermail hasta la versión 12.4.0 para TYPO3. No se puede validar el parámetro de correo de createAction, lo que genera una referencia directa a objetos insegura (IDOR) en algunas configuraciones. Un atacante no autenticado puede usar esto para mostrar los datos enviados por el usuario de todos los formatos que la extensión conserva. Las versiones corregidas son 7.5.1, 8.5.1, 10.9.1 y 12.4.1.

17 Sep 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-17 14:15

Updated : 2024-09-27 17:03

NVD link : CVE-2024-47047

Mitre link : CVE-2024-47047

CVE.ORG link : CVE-2024-47047

JSON object : View

Products Affected

in2code

powermail

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2024-47047", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-09-17T14:15:17.790", "references": [{"url": "https://typo3.org/security/advisory/typo3-ext-sa-2024-007", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the powermail extension through 12.4.0 for TYPO3. It fails to validate the mail parameter of the createAction, resulting in Insecure Direct Object Reference (IDOR) in some configurations. An unauthenticated attacker can use this to display user-submitted data of all forms persisted by the extension. The fixed versions are 7.5.1, 8.5.1, 10.9.1, and 12.4.1."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en la extensi\u00f3n Powermail hasta la versi\u00f3n 12.4.0 para TYPO3. No se puede validar el par\u00e1metro de correo de createAction, lo que genera una referencia directa a objetos insegura (IDOR) en algunas configuraciones. Un atacante no autenticado puede usar esto para mostrar los datos enviados por el usuario de todos los formatos que la extensi\u00f3n conserva. Las versiones corregidas son 7.5.1, 8.5.1, 10.9.1 y 12.4.1."}], "lastModified": "2024-09-27T17:03:35.507", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:in2code:powermail:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "8764ACD9-5A01-41F0-8F16-D13BFCA129F6", "versionEndIncluding": "7.5.0"}, {"criteria": "cpe:2.3:a:in2code:powermail:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "D925B424-6AEF-40FA-A4FF-BC562C3750CE", "versionEndIncluding": "8.5.0", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:in2code:powermail:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "A215AF61-E0F4-45AC-83D6-1E3656711CD2", "versionEndIncluding": "10.9.0", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:in2code:powermail:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "810E82AE-D4B7-4EE0-BF02-4A0716C3667F", "versionEndIncluding": "12.4.0", "versionStartIncluding": "12.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}