The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Magento EE

computer vulnerability alert 24376

Magento: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Impacted products: Magento EE, Magento CE.
Severity: 3/4.
Consequences: privileged access/rights, client access/rights, data reading, data deletion.
Provenance: internet client.
Creation date: 08/11/2017.
Identifiers: CERTFR-2017-AVI-397, VIGILANCE-VUL-24376.

Description of the vulnerability

An attacker can use several vulnerabilities of Magento.

vulnerability note 24264

Magento: information disclosure via local.xml

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via the local.xml file of a Magento installation that does not run on Apache httpd (for example, one served by nginx), in order to obtain sensitive information.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 30/10/2017.
Identifiers: VIGILANCE-VUL-24264.

Description of the vulnerability

An attacker can bypass access restrictions to data via the local.xml file of a Magento installation that does not run on Apache httpd (for example, one served by nginx), in order to obtain sensitive information.

vulnerability bulletin 23843

Magento: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Impacted products: Magento EE, Magento CE.
Severity: 3/4.
Consequences: user access/rights, client access/rights, data reading, data creation/edition.
Provenance: internet client.
Creation date: 15/09/2017.
Identifiers: CERTFR-2017-AVI-303, DC-2017-09-001, DC-2017-09-002, VIGILANCE-VUL-23843.

Description of the vulnerability

An attacker can use several vulnerabilities of Magento.

computer vulnerability bulletin 22878

Magento: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Impacted products: Magento EE, Magento CE.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, client access/rights, data reading, data creation/edition.
Provenance: document.
Creation date: 01/06/2017.
Identifiers: VIGILANCE-VUL-22878.

Description of the vulnerability

An attacker can use several vulnerabilities of Magento.

vulnerability announce 22432

Magento: Cross Site Request Forgery

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of Magento, in order to force the victim to perform operations.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 13/04/2017.
Identifiers: VIGILANCE-VUL-22432.

Description of the vulnerability

The Magento product offers a web service.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery of Magento, in order to force the victim to perform operations.

vulnerability CVE-2016-10034

Zend Framework: code execution via zend-mail

Synthesis of the vulnerability

An attacker can use a vulnerability via zend-mail of Zend Framework, in order to run code.
Impacted products: Fedora, Magento EE, Magento CE, Zend Framework.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 21/12/2016.
Identifiers: APPSEC-1746, CVE-2016-10034, FEDORA-2016-1185de6aa6, FEDORA-2016-a6e72e28e1, VIGILANCE-VUL-21440, ZF2016-04.

Description of the vulnerability

An attacker can use a vulnerability via zend-mail of Zend Framework, in order to run code.

vulnerability note 21394

Magento: information disclosure from weak isolation

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Magento, in order to obtain personal information.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 15/12/2016.
Identifiers: VIGILANCE-VUL-21394.

Description of the vulnerability

A Magento server may host several shops.

However, isolation between shops hosted on the same server is incomplete. An attacker who is authorized to view data about customers and orders for a shop can access similar records related to other shops.

An attacker can therefore bypass access restrictions to data of Magento, in order to obtain personal information.

vulnerability bulletin 21123

Magento EE: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento EE.
Impacted products: Magento EE.
Severity: 2/4.
Consequences: user access/rights, client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 15/11/2016.
Identifiers: VIGILANCE-VUL-21123.

Description of the vulnerability

Several vulnerabilities were announced in Magento EE.

An attacker can trigger a Cross Site Request Forgery via Form Key, in order to force the victim to perform operations. [severity:2/4]

An attacker can trigger a Cross Site Scripting via Category, in order to run JavaScript code in the context of the web site. [severity:2/4]

computer vulnerability 20865

Magento CE/EE 1: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento CE/EE 1.
Impacted products: Magento EE, Magento CE.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 17.
Creation date: 13/10/2016.
Identifiers: APPSEC-1058, APPSEC-1106, APPSEC-1189, APPSEC-1211, APPSEC-1247, APPSEC-1282, APPSEC-1338, APPSEC-1375, APPSEC-1436, APPSEC-1478, APPSEC-1480, APPSEC-1484, APPSEC-1488, APPSEC-1517, APPSEC-327, APPSEC-666, APPSEC-995, VIGILANCE-VUL-20865.

Description of the vulnerability

Several vulnerabilities were announced in Magento CE/EE 1.

An attacker can use a vulnerability via Checkout, in order to run code. [severity:4/4; APPSEC-1484]

An attacker can use a SQL injection via Zend Framework, in order to read or alter data. [severity:3/4; APPSEC-1480]

An attacker can trigger a Cross Site Scripting via Invitations, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1488]

An attacker can bypass security features via Block Cache, in order to obtain sensitive information. [severity:3/4; APPSEC-1247]

An attacker can log in as another customer. [severity:3/4; APPSEC-1517]

An administrator attacker can use a vulnerability via import/export, in order to run code. [severity:2/4; APPSEC-1375]

An attacker can bypass access restrictions via Page Cache, in order to read or alter data. [severity:2/4; APPSEC-1338]

An attacker can trigger a Cross Site Scripting via URL Processing, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1436]

An attacker can trigger a Cross Site Scripting via Categories Management, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1211]

An attacker can trigger a fatal error via GIF Flooding, in order to trigger a denial of service. [severity:2/4; APPSEC-1058]

An attacker can trigger a Cross Site Scripting via Flash File Uploader, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-666]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1282]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; APPSEC-327]

An attacker can trigger a Cross Site Request Forgery via Wishlist, in order to force the victim to perform operations. [severity:2/4; APPSEC-1189]

Session does not expire on logout. [severity:2/4; APPSEC-1478]

An attacker can act as a Man-in-the-Middle, in order to read or write data in the session. [severity:2/4; APPSEC-1106]

An attacker can use a Timing Attack, in order to obtain sensitive information. [severity:1/4; APPSEC-995]

vulnerability note CVE-2016-10704 CVE-2018-5301

Magento CE/EE 2: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento CE/EE 2.
Impacted products: Magento EE, Magento CE.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 15.
Creation date: 13/10/2016.
Identifiers: APPSEC-1212, APPSEC-1270, APPSEC-1329, APPSEC-1338, APPSEC-1433, APPSEC-1478, APPSEC-1480, APPSEC-1481, APPSEC-1484, APPSEC-1488, APPSEC-1490, APPSEC-1503, APPSEC-1533, APPSEC-1539, APPSEC-1543, CVE-2016-10704, CVE-2018-5301, VIGILANCE-VUL-20864.

Description of the vulnerability

Several vulnerabilities were announced in Magento CE/EE 2.

An attacker can trigger a Cross Site Request Forgery via Mini Cart, in order to force the victim to perform operations. [severity:2/4; APPSEC-1212]

An attacker can bypass security features via Guest Order, in order to obtain sensitive information. [severity:3/4; APPSEC-1270]

An attacker can bypass security features via Maintenance Mode, in order to obtain sensitive information. [severity:2/4; APPSEC-1329]

An attacker can bypass access restrictions via Page Cache, in order to read or alter data. [severity:2/4; APPSEC-1338]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; APPSEC-1433]

Session does not expire on logout. [severity:2/4; APPSEC-1478]

An attacker can use a SQL injection via Zend Framework, in order to read or alter data. [severity:3/4; APPSEC-1480]

An attacker can create a backup. [severity:1/4; APPSEC-1481]

An attacker can use a vulnerability via Checkout, in order to run code. [severity:4/4; APPSEC-1484]

An attacker can trigger a Cross Site Scripting via Invitations, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1488]

An attacker can use a vulnerability via Local File Inclusion, in order to run code. [severity:2/4; APPSEC-1490]

An attacker can trigger a Cross Site Scripting via Email Templates, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1503]

An attacker can order an item with an altered price. [severity:4/4; APPSEC-1533]

An attacker can trigger a Cross Site Scripting via Section Loading, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1539]

An attacker can log out the administrator, in order to trigger a denial of service. [severity:2/4; APPSEC-1543]