Vulnerability Details CVE-2014-8328
The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the update check request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://typo3.org/extensions/repository/view/dce
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-015/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97673
- http://typo3.org/extensions/repository/view/dce
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-015/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97673
Products affected by CVE-2014-8328
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.10.0
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.10.1
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.10.2
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.11.0
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.11.1
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.11.2
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.11.3
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.11.4
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.0
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.1
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.2
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.3
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.4
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.7.5
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.0
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.1
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.2
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.3
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.4
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.5
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.8.6
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.9.0
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.9.1
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.9.2
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.9.3
-
cpe:2.3:a:dynamic_content_elements_project:dynamic_content_elements:0.9.4