TYPO3 CrossDomain Session Cookie Reuse (pre8.7.55,9.5.44,10.4.41,11.5.33,12.4.8)
CVE-2023-47127 Published on November 14, 2023
Weak Authentication in Session Handling in typo3/cms-core
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability has been addressed in versions 8.7.55, 9.5.44, 10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Vulnerability Analysis
CVE-2023-47127 can be exploited with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Authentication Bypass by Assumed-Immutable Data
The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
Products Associated with CVE-2023-47127
Want to know whenever a new CVE is published for TYPO3? stack.watch will email you.
Affected Versions
typo3:- Version >= 8.0.0, < 8.7.55 is affected.
- Version >= 9.0.0, < 9.5.44 is affected.
- Version >= 10.0.0, < 10.4.41 is affected.
- Version >= 11.0.0, < 11.5.33 is affected.
- Version >= 12.0.0, < 12.4.8 is affected.
Vulnerable Packages
The following package name and versions may be associated with CVE-2023-47127
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| composer | typo3/cms-core | >= 8.0.0, <= 8.7.54 | 8.7.55 |
| composer | typo3/cms-core | >= 9.0.0, <= 9.5.43 | 9.5.44 |
| composer | typo3/cms-core | >= 10.0.0, <= 10.4.40 | 10.4.41 |
| composer | typo3/cms-core | >= 11.0.0, <= 11.5.32 | 11.5.33 |
| composer | typo3/cms-core | >= 12.0.0, <= 12.4.7 | 12.4.8 |
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.