Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1oaGY4LWY1dzktZzZ2aM4AA6i0
OpenID Connect Authentication (oidc) Typo3 extension Authentication Bypass
The authentication service of the extension does not verify the OpenID Connect authentication state from the user lookup chain. Instead, the authentication service authenticates every valid frontend user from the user lookup chain, where the frontend user field “tx_oidc” is not empty.
In scenarios, where either ext:felogin is active or where $GLOBALS['TYPO3_CONF_VARS'][‘FE’][‘checkFeUserPid’] is disabled, an attacker can login to OpenID Connect frontend user accounts by providing a valid username and any password.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oaGY4LWY1dzktZzZ2aM4AA6i0
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 month ago
Updated: about 1 month ago
CVSS Score: 6.0
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:F/RL:O/RC:C
Identifiers: GHSA-hhf8-f5w9-g6vh, CVE-2024-30173
References:
- https://github.com/FriendsOfPHP/security-advisories/blob/master/causal/oidc/CVE-2024-30173.yaml
- https://typo3.org/security/advisory/typo3-ext-sa-2024-002
- https://github.com/advisories/GHSA-hhf8-f5w9-g6vh
Affected Packages
packagist:causal/oidc
Dependent packages: 0Dependent repositories: 0
Downloads: 24,770 total
Affected Version Ranges: < 2.1.0
Fixed in: 2.1.0
All affected versions: 0.1.0, 0.2.0, 0.5.0, 1.0.0, 1.1.0, 1.2.0, 2.0.0
All unaffected versions: 2.1.0