Vulnerability Details : CVE-2010-0286
Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication.
Exploit prediction scoring system (EPSS) score for CVE-2010-0286
Probability of exploitation activity in the next 30 days: 1.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0286
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2010-0286
-
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
Page Not FoundVendor Advisory
-
http://www.vupen.com/english/advisories/2010/0127
Webmail | OVH- OVHPatch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/55609
TYPO3 openid security bypass CVE-2010-0286 Vulnerability Report
Products affected by CVE-2010-0286
- cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*