The system extension must "rsaauth" are loaded and configured in a particular way for frontend use. Furthermore, there must be a vulnerable CMS version installed. The leak, which has not yet CVE number, is present in versions 4.3.0 t / m 4.3.14, 4.4.0 t / m 4.4.15, 4.5.0 t / m 5.4.39 and 4.6.0 t / m 04/06/18. Users have strongly advised to upgrade to 5.4.40 or use a specially crafted shell script that vulnerable TYPO3 versions patches.
Pages
▼
Monday, 23 February 2015
TYPO3 Warns Of Critical Vulnerability In CMS
The system extension must "rsaauth" are loaded and configured in a particular way for frontend use. Furthermore, there must be a vulnerable CMS version installed. The leak, which has not yet CVE number, is present in versions 4.3.0 t / m 4.3.14, 4.4.0 t / m 4.4.15, 4.5.0 t / m 5.4.39 and 4.6.0 t / m 04/06/18. Users have strongly advised to upgrade to 5.4.40 or use a specially crafted shell script that vulnerable TYPO3 versions patches.
No comments:
Post a Comment