derhansen sf_event_mgt Extension up to 7.3.x on TYPO3 Backend RedirectResponse access control
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
Summary
A vulnerability was found in derhansen sf_event_mgt Extension up to 7.3.x on TYPO3. It has been rated as critical. This affects the function RedirectResponse of the component Backend Module. The manipulation leads to access control.
This vulnerability is listed as CVE-2024-24751. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is advised.
Details
A vulnerability was found in derhansen sf_event_mgt Extension up to 7.3.x on TYPO3. It has been rated as critical. This issue affects the function RedirectResponse of the component Backend Module. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-284. The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. Impacted is confidentiality. The summary by CVE is:
sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the update of the extension to TYPO3 12.4, because the `RedirectResponse` from the `$this->redirect()` function was never handled. This issue has been addressed in version 7.4.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
The weakness was presented 02/13/2024 as GHSA-4576-pgh2-g34j. The advisory is shared at github.com. The identification of this vulnerability is CVE-2024-24751 since 01/29/2024. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1068 for this issue.
Upgrading to version 7.4.0 eliminates this vulnerability. Applying the patch a08c2cd48695c07e462d15eeb70434ddc0206e4c is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.8VulDB Meta Temp Score: 5.7
VulDB Base Score: 4.3
VulDB Temp Score: 4.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 8.8
NVD Vector: 🔍
CNA Base Score: 4.3
CNA Vector (GitHub, Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Access controlCWE: CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: sf_event_mgt Extension 7.4.0
Patch: a08c2cd48695c07e462d15eeb70434ddc0206e4c
Timeline
01/29/2024 🔍02/13/2024 🔍
02/13/2024 🔍
10/18/2024 🔍
Sources
Advisory: GHSA-4576-pgh2-g34jStatus: Confirmed
CVE: CVE-2024-24751 (🔍)
GCVE (CVE): GCVE-0-2024-24751
GCVE (VulDB): GCVE-100-253673
Entry
Created: 02/13/2024 20:24Updated: 10/18/2024 20:28
Changes: 02/13/2024 20:24 (55), 10/18/2024 20:28 (27)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.