Vulnerabilities > CVE-2010-0286 - Security Bypass vulnerability in Typo3 4.3.0

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

typo3

NVD

Published: 2010-02-22

Updated: 2017-08-17

Summary

Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication.

Vulnerable Configurations

Part	Description	Count
Application	Typo3 Typo3 Typo3 4.3.0	1

References

http://osvdb.org/61680
http://secunia.com/advisories/38206
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
http://www.vupen.com/english/advisories/2010/0127
https://exchange.xforce.ibmcloud.com/vulnerabilities/55609