VIR Vulnerability Intelligence Relay

CVE-2014-3945

medium
Published 2014-06-03 · Modified 2025-04-14
CVSS v3
CVSS v2
4.0
VIR risk
4.0

Description

TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

Package impact
EcosystemPackageVulnerableFixed
php Packagisttypo3/cms<6.2.06.2.0

Application impact
VendorProductVersionsFixed
typo3typo3{"endIncluding":"6.1.9"}
typo3typo34.0
typo3typo34.0.0
typo3typo34.0.1
typo3typo34.0.2
typo3typo34.0.3
typo3typo34.0.4
typo3typo34.0.5
typo3typo34.0.6
typo3typo34.0.7
typo3typo34.0.8
typo3typo34.0.9
typo3typo34.0.10
typo3typo34.0.11
typo3typo34.0.12
typo3typo34.0.13
typo3typo34.1
typo3typo34.1.0
typo3typo34.1.1
typo3typo34.1.2
typo3typo34.1.3
typo3typo34.1.4
typo3typo34.1.5
typo3typo34.1.6
typo3typo34.1.7
typo3typo34.1.8
typo3typo34.1.9
typo3typo34.1.10
typo3typo34.1.11
typo3typo34.1.12
typo3typo34.1.13
typo3typo34.1.14
typo3typo34.1.15
typo3typo34.2
typo3typo34.2.0
typo3typo34.2.1
typo3typo34.2.2
typo3typo34.2.3
typo3typo34.2.4
typo3typo34.2.5
typo3typo34.2.6
typo3typo34.2.7
typo3typo34.2.8
typo3typo34.2.9
typo3typo34.2.10
typo3typo34.2.11
typo3typo34.2.12
typo3typo34.2.13
typo3typo34.2.14
typo3typo34.2.15
typo3typo34.2.16
typo3typo34.2.17
typo3typo34.3
typo3typo34.3.0
typo3typo34.3.1
typo3typo34.3.2
typo3typo34.3.3
typo3typo34.3.4
typo3typo34.3.5
typo3typo34.3.6
typo3typo34.3.7
typo3typo34.3.8
typo3typo34.3.9
typo3typo34.3.10
typo3typo34.3.11
typo3typo34.3.12
typo3typo34.3.13
typo3typo34.3.14
typo3typo34.4
typo3typo34.4.0
typo3typo34.4.1
typo3typo34.4.2
typo3typo34.4.3
typo3typo34.4.4
typo3typo34.4.5
typo3typo34.4.6
typo3typo34.4.7
typo3typo34.4.8
typo3typo34.4.9
typo3typo34.4.10
typo3typo34.4.11
typo3typo34.4.12
typo3typo34.4.13
typo3typo34.4.14
typo3typo34.4.15
typo3typo34.5
typo3typo34.5.0
typo3typo34.5.1
typo3typo34.5.2
typo3typo34.5.3
typo3typo34.5.4
typo3typo34.5.5
typo3typo34.5.6
typo3typo34.5.7
typo3typo34.5.8
typo3typo34.5.9
typo3typo34.5.10
typo3typo34.5.11
typo3typo34.5.12
typo3typo34.5.13
typo3typo34.5.14
typo3typo34.5.15
typo3typo34.5.16
typo3typo34.5.17
typo3typo34.5.18
typo3typo34.5.19
typo3typo34.5.20
typo3typo34.5.21
typo3typo34.5.22
typo3typo34.5.23
typo3typo34.5.24
typo3typo34.5.25
typo3typo34.5.26
typo3typo34.5.27
typo3typo34.5.28
typo3typo34.5.29
typo3typo34.5.30
typo3typo34.5.31
typo3typo34.5.32
typo3typo34.5.33
typo3typo34.5.34
typo3typo34.6
typo3typo34.6.0
typo3typo34.6.1
typo3typo34.6.2
typo3typo34.6.3
typo3typo34.6.4
typo3typo34.6.5
typo3typo34.6.6
typo3typo34.6.7
typo3typo34.6.8
typo3typo34.6.9
typo3typo34.6.10
typo3typo34.6.11
typo3typo34.6.12
typo3typo34.6.13
typo3typo34.6.14
typo3typo34.6.15
typo3typo34.6.16
typo3typo34.6.17
typo3typo34.6.18
typo3typo34.7
typo3typo34.7.0
typo3typo34.7.1
typo3typo34.7.2
typo3typo34.7.3
typo3typo34.7.4
typo3typo34.7.5
typo3typo34.7.6
typo3typo34.7.7
typo3typo34.7.8
typo3typo34.7.9
typo3typo34.7.10
typo3typo34.7.11
typo3typo34.7.12
typo3typo34.7.13
typo3typo34.7.14
typo3typo34.7.15
typo3typo34.7.16
typo3typo34.7.17
typo3typo34.7.18
typo3typo34.7.19
typo3typo36.0
typo3typo36.0.1
typo3typo36.0.2
typo3typo36.0.3
typo3typo36.0.4
typo3typo36.0.5
typo3typo36.0.6
typo3typo36.0.7
typo3typo36.0.8
typo3typo36.0.9
typo3typo36.0.10
typo3typo36.0.11
typo3typo36.0.12
typo3typo36.0.13
typo3typo36.0.14
typo3typo36.1
typo3typo36.1.1
typo3typo36.1.2
typo3typo36.1.3
typo3typo36.1.4
typo3typo36.1.5
typo3typo36.1.6
typo3typo36.1.7
typo3typo36.1.8

References

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.