Allele Security Alert
ASA-2018-00082
Identifier(s)
ASA-2018-00082, TYPO3-CORE-SA-2018-009
Title
Security Misconfiguration in Install Tool Cookie
Vendor(s)
TYPO3 Association
Product(s)
TYPO3
Affected version(s)
TYPO3 7.0.0-7.6.31, 8.0.0-8.7.20 and 9.0.0-9.5.1
Fixed version(s)
TYPO3 versions 7.6.32, 8.7.21 or 9.5.2
Proof of concept
Unknown
Description
It has been discovered that cookies created in the Install Tool are not hardened to be submitted only via HTTP. In combination with other vulnerabilities such as cross-site scripting it can lead to hijacking an active and valid session in the Install Tool.
Technical details
Unknown
Credits
Oliver Hader (TYPO3 core team) and Andreas Wolf (TYPO3 core team)
Reference(s)
TYPO3 9.5.2, 8.7.21 and 7.6.32 security releases published
https://typo3.org/article/typo3-952-8721-and-7632-security-releases-published/
TYPO3-CORE-SA-2018-009: Security Misconfiguration in Install Tool Cookie
https://typo3.org/security/advisory/typo3-core-sa-2018-009/
[SECURITY] Make InstallTool session cookie HTTP-only
https://github.com/TYPO3/TYPO3.CMS/commit/13328b0f74ac589a20b021db814dfa672581c26a
[TYPO3-announce] Announcing TYPO3 v9.5.2, v8.7.21 and v7.6.32 security releases
http://lists.typo3.org/pipermail/typo3-announce/2018/000435.html
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: February 1, 2019