5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-31047

GHSA ID

GHSA-fh99-4pgr-8j99

EPSS Score

0.64361%

CWE

CWE-209

Published

6/17/2022

Updated

7/24/2023

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-31047

CVE-2022-31047: Insertion of Sensitive Information into Log File in typo3/cms-core

Meta

CVSS: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C (4.9)

Problem

It has been discovered that system internal credentials or keys (e.g. database credentials) have been logged as plaintext in exception handlers, when logging the complete exception stack trace.

Solution

Update to TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.35 ELTS, 10.4.29, 11.5.11 that fix the problem described above.

Credits

Thanks to Marco Huber who reported this issue and to TYPO3 security member Torben Hansen who fixed the issue.

References

TYPO3-CORE-SA-2022-002

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-31047

GHSA ID

GHSA-fh99-4pgr-8j99

EPSS Score

0.64361%

CWE

CWE-209

Published

6/17/2022

Updated

7/24/2023

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
typo3/cms-core	composer	>= 7.0.0, < 7.6.57	7.6.57
typo3/cms-core	composer	>= 8.0.0, < 8.7.47	8.7.47
typo3/cms-core	composer	>= 9.0.0, < 9.5.35	9.5.35
typo3/cms-core	composer	>= 10.0.0, < 10.4.29	10.4.29
typo3/cms-core	composer	>= 11.0.0, < 11.5.11	11.5.11
typo3/cms	composer	>= 10.0.0, < 10.4.29	10.4.29
typo3/cms	composer	>= 11.0.0, < 11.5.11	11.5.11

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the writeLogEntries method in AbstractExceptionHandler.php, which handled exception logging. The pre-patch version unconditionally added the exception object (including stack traces) to log contexts. The commit c93ea69 introduced a $logExceptionStackTrace flag to control this behavior, indicating this was the vulnerable point. The CWE-532 (log insertion of sensitive info) directly maps to this function's pre-patch behavior of logging raw exception data containing credentials.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

> ### M*t* > * *VSS: `*VSS:*.*/*V:N/**:*/PR:L/UI:N/S:U/*:*/I:N/*:N/*:*/RL:O/R*:*` (*.*) ### Pro*l*m It **s ***n *is*ov*r** t**t syst*m int*rn*l *r***nti*ls or k*ys (*.*. **t***s* *r***nti*ls) **v* ***n lo**** *s pl*int*xt in *x**ption **n*l*rs, w**n

Reasoning

T** vuln*r**ility st*ms *rom t** `writ*Lo**ntri*s` m*t*o* in `**str**t*x**ption**n*l*r.p*p`, w*i** **n*l** *x**ption lo**in*. T** pr*-p*t** v*rsion un*on*ition*lly ***** t** *x**ption o*j**t (in*lu*in* st**k tr***s) to lo* *ont*xts. T** *ommit ******

5.3

Basic Information

Concerned about an active attack path?

CVE-2022-31047: Insertion of Sensitive Information into Log File in typo3/cms-core

Meta

Problem

Solution

Credits

References

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI