Description

The web application is based on Typo3 CMS. Typo3 Admin interface is publicly accessible.

Remediation

Restrict access to Typo3 Admin.

References

Backend and Frontend

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4522)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3481)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7983)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6794)

Severity

Info

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Insecure Admin Access Bruteforce Possible