CVE-2022-37783:
PHP Análisis y mitigación de vulnerabilidades
Vista general
Craft CMS versions between 3.0.0 and 3.7.32 were found to disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. The vulnerability was discovered during a penetration test by researchers at TÜV Trust IT Austria and was assigned CVE-2022-37783. The issue was fixed in version 3.7.33 (CVES AT, NVD).
Técnicas
The vulnerability stems from bad coding practices where user password hashes were mixed into CSRF-Tokens. The password hashes were disclosed in two locations: the CRAFT_CSRF_TOKEN cookie (URL-encoded) and the CSRF-Token in the HTML page. While the cookie was protected by the HTTP-Only attribute, the HTML token was masked using a YII Framework function that could be reversed using publicly available unmasking functions. The passwords were hashed using bcrypt, which is considered a slow hash algorithm (CVES AT).
Impacto
The disclosure of password hashes could allow attackers to attempt offline password cracking. If successful, attackers could gain unauthorized access to user accounts. Users utilizing SAML-Login were not affected by this vulnerability. The vulnerability received a CVSS v3.1 score of 7.5 (High), indicating significant potential impact (CVES AT).
Mitigación y soluciones alternativas
The vulnerability was fixed in Craft CMS version 3.7.33. Users of affected versions are strongly encouraged to upgrade to at least version 3.7.33. The vendor marked release 3.7.33 as critical and integrated warning messages in affected versions urging users to update (CVES AT).
Recursos adicionales
Fuente: Este informe se generó utilizando IA
Relacionado PHP Vulnerabilidades:
Evaluación gratuita de vulnerabilidades
Compare su postura de seguridad en la nube
Evalúe sus prácticas de seguridad en la nube en 9 dominios de seguridad para comparar su nivel de riesgo e identificar brechas en sus defensas.
Recursos adicionales de Wiz
Obtén una demostración personalizada
¿Listo para ver a Wiz en acción?
"La mejor experiencia de usuario que he visto en mi vida, proporciona una visibilidad completa de las cargas de trabajo en la nube."
"Wiz proporciona un panel único para ver lo que ocurre en nuestros entornos en la nube."
"Sabemos que si Wiz identifica algo como crítico, en realidad lo es."