CVE-2022-24784
Description
Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
statamic/cmsPackagist | < 3.2.39 | 3.2.39 |
statamic/cmsPackagist | >= 3.3.0, < 3.3.2 | 3.3.2 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/statamic/cms/issues/5604nvdIssue TrackingPatchThird Party AdvisoryWEB
- github.com/statamic/cms/pull/5568nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-qcgx-7p5f-hxvrghsaADVISORY
- github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvrnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-24784ghsaADVISORY
News mentions
0No linked articles in our index yet.