CVE-2014-3945
Publication date 3 June 2014
Last updated 24 July 2024
Ubuntu priority
The Authentication component in TYPO3 before 6.2, when salting for password hashing is disabled, does not require knowledge of the cleartext password if the password hash is known, which allows remote attackers to bypass authentication and gain access to the backend by leveraging knowledge of a password hash.
Status
Package | Ubuntu Release | Status |
---|---|---|
typo3-src | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |