CVE-2014-3941
published 2014-06-03CVE-2014-3941: TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
2.66%
83.8th percentile
TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
Affected
89 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 11.0.0 < 11.5.0 | 11.5.0 |
| typo3 | cms | >= 4.5.0 < 4.5.34 | 4.5.34 |
| typo3 | cms | >= 4.7.0 < 4.7.19 | 4.7.19 |
| typo3 | cms | >= 6.0.0 < 6.0.14 | 6.0.14 |
| typo3 | cms | >= 6.1.0 < 6.1.9 | 6.1.9 |
| typo3 | cms | >= 6.2.0 < 6.2.3 | 6.2.3 |
| typo3 | cms-core | >= 11.0.0 < 11.5.0 | 11.5.0 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
ghsa5.0MEDIUM
osv5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Typo3 Host Header Spoofing Vulnerability
osv·2022-05-14
CVE-2014-3941 [MEDIUM] Typo3 Host Header Spoofing Vulnerability
Typo3 Host Header Spoofing Vulnerability
TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
GHSA
Typo3 Host Header Spoofing Vulnerability
ghsa·2022-05-14
CVE-2014-3941 [MEDIUM] CWE-20 Typo3 Host Header Spoofing Vulnerability
Typo3 Host Header Spoofing Vulnerability
TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
GHSA
HTTP Host Header Injection
ghsa·2021-10-05·CVSS 5.0
CVE-2021-41114 [MEDIUM] CWE-20 HTTP Host Header Injection
HTTP Host Header Injection
### Meta
* CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C` (3.5)
### Problem
It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP _Host_ header. TYPO3 uses the HTTP _Host_ header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any value, even in a name-based virtual hosts environment.
This vulnerability is the same as described in [TYPO3-CORE-SA-2014-001 (CVE-2014-3941)](https://typo3.org/security/advisory/typo3-core-sa-2014-001/). A regression, introduced during TYPO3 v11 development, led to this situation. The already existing setting _$GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedH
OSV
HTTP Host Header Injection
osv·2021-10-05·CVSS 5.0
CVE-2021-41114 [MEDIUM] HTTP Host Header Injection
HTTP Host Header Injection
### Meta
* CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C` (3.5)
### Problem
It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP _Host_ header. TYPO3 uses the HTTP _Host_ header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any value, even in a name-based virtual hosts environment.
This vulnerability is the same as described in [TYPO3-CORE-SA-2014-001 (CVE-2014-3941)](https://typo3.org/security/advisory/typo3-core-sa-2014-001/). A regression, introduced during TYPO3 v11 development, led to this situation. The already existing setting _$GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedH
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.htmlhttp://lists.opensuse.org/opensuse-updates/2014-06/msg00037.htmlhttp://lists.opensuse.org/opensuse-updates/2016-08/msg00083.htmlhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/http://www.debian.org/security/2014/dsa-2942http://www.openwall.com/lists/oss-security/2014/06/03/2http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.htmlhttp://lists.opensuse.org/opensuse-updates/2014-06/msg00037.htmlhttp://lists.opensuse.org/opensuse-updates/2016-08/msg00083.htmlhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/http://www.debian.org/security/2014/dsa-2942http://www.openwall.com/lists/oss-security/2014/06/03/2
2014-06-03
Published