CVE-2009-1264

Published Apr 7, 2009

Last updated 16 years ago

CVSS info 4.0

Overview

Description: Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3355511-4472-4D36-B160-45A1F818DCFB",
            "versionEndIncluding": "2.5.20"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "053EF31D-FE26-4CF3-BE33-EB0F1036718F"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3E20C0A-8B89-4C95-8B24-A2A3CBFA0127"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476D5133-8BCB-44BF-B61F-6699D7B8F9A0"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9C84689-C9B1-480A-A3BF-00EF5316F03F"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B00C7C5-54A6-485D-AAF7-61F12E0D7B60"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D815939A-4446-4CC8-86EE-58903DEC9CD1"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B238304F-2FEB-497C-B74D-4BED29879040"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABDA6FBA-9A42-4524-AA65-2A15A5B2E2A3"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F51DBFDB-9D5B-46D2-8EBC-A298E8DBBF88"
          },
          {
            "criteria": "cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F44CBF4-5A38-41C8-A7C5-CA1D6A61BEE4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References