CVE-2014-3944CVE-2014-3944

Affected configuration(s):

cpe:/a:typo3:typo3:6.2
cpe:/a:typo3:typo3:6.2.0:beta1
cpe:/a:typo3:typo3:6.2.0:beta2
cpe:/a:typo3:typo3:6.2.0:beta3
cpe:/a:typo3:typo3:6.2.1
cpe:/a:typo3:typo3:6.2.2

Date published: 2014-06-03T10:55:11.130-04:00

Date last modified: 2014-06-04T11:15:16.557-04:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

Summary: The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *