7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-x4rj-f7m6-42c3

EPSS Score

CWE

CWE-287

Published

5/30/2024

Updated

5/30/2024

KEV Status

Technology

PHP

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-x4rj-f7m6-42c3

GHSA-x4rj-f7m6-42c3: TYPO3 CMS Authentication Bypass vulnerability

It has been discovered that TYPO3’s Salted Password system extension (which is a mandatory system component) is vulnerable to Authentication Bypass when using hashing methods which are related by PHP class inheritance. In standard TYPO3 core distributions stored passwords using the blowfish hashing algorithm can be overridden when using MD5 as the default hashing algorithm by just knowing a valid username. Per default the Portable PHP hashing algorithm (PHPass) is used which is not vulnerable.

(GitHub Advisory)

Miggo Vulnerability Database

→

GHSA-x4rj-f7m6-42c3

GHSA-x4rj-f7m6-42c3:

7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-x4rj-f7m6-42c3

EPSS Score

CWE

CWE-287

Published

5/30/2024

Updated

5/30/2024

KEV Status

Technology

PHP

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
typo3/cms-core	composer	>= 8.0.0, < 8.7.17	8.7.17
typo3/cms-core	composer	>= 9.0.0, < 9.3.2	9.3.2
typo3/cms-core

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper handling of PHP class inheritance in TYPO3's Salted Password system. When MD5 is the default hashing algorithm, the system incorrectly allows Blowfish-hashed passwords to be overridden due to shared parent classes in the hashing method implementations. The SaltFactory::getHashing method is central to selecting the hashing algorithm, and CompatibilityHashService::checkPassword handles password verification. Both functions would need to misuse inheritance checks (e.g., is_subclass_of or instanceof) to allow cross-algorithm validation. The high confidence comes from the vulnerability's direct link to class inheritance in password hashing logic, as described in the advisory.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

GHSA-x4rj-f7m6-42c3: TYPO3 CMS Authentication Bypass vulnerability

GHSA-x4rj-f7m6-42c3:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

GHSA-x4rj-f7m6-42c3: TYPO3 CMS Authentication Bypass vulnerability

7.5

7.5

Basic Information

Basic Information

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI