The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Magento Enterprise Edition

vulnerability alert 20041

Magento Community Edition: vulnerability

Synthesis of the vulnerability

Vulnerabilities of Magento Community Edition have been announced.
Impacted products: Magento EE, Magento CE.
Severity: 3/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Creation date: 07/07/2016.
Identifiers: VIGILANCE-VUL-20041.

Description of the vulnerability

Vulnerabilities of Magento Community Edition have been announced.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-4010

Magento: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Impacted products: Magento EE, Magento CE.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights, data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 18/05/2016.
Revision date: 19/05/2016.
Identifiers: APPSEC-1389, APPSEC-1408, APPSEC-1410, APPSEC-1420, APPSEC-1421, APPSEC-1422, CVE-2016-4010, VIGILANCE-VUL-19649.

Description of the vulnerability

Several vulnerabilities were announced in Magento.

An attacker can use the REST/SOAP API, in order to run PHP code. [severity:3/4; APPSEC-1420, CVE-2016-4010]

An attacker can use a vulnerability in Unauthenticated Reinstallation, in order to run code. [severity:3/4; APPSEC-1421]

An attacker can modify accounts of other users, in order to escalate his privileges. [severity:2/4; APPSEC-1422]

An attacker can trigger a Cross Site Scripting in Authorize.net, in order to run JavaScript code in the context of the web site. [severity:2/4; APPSEC-1410]

An attacker can bypass security features via quote_id_mask, in order to obtain sensitive information. [severity:2/4; APPSEC-1408]

An attacker can read error messages, in order to obtain sensitive information. [severity:2/4; APPSEC-1389]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin 19468

Magento SmartWave QuickView: SQL injection

Synthesis of the vulnerability

An attacker can use a SQL injection of Magento SmartWave QuickView, in order to read or alter data.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 27/04/2016.
Identifiers: VIGILANCE-VUL-19468.

Description of the vulnerability

The Magento SmartWave QuickView product uses a database.

However, user's data are directly inserted in a SQL query.

An attacker can therefore use a SQL injection of Magento SmartWave QuickView, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 19467

Magento MD Quickview: SQL injection

Synthesis of the vulnerability

An attacker can use a SQL injection of Magento MD Quickview, in order to read or alter data.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 27/04/2016.
Identifiers: VIGILANCE-VUL-19467.

Description of the vulnerability

The Magento MD Quickview product uses a database.

However, user's data are directly inserted in a SQL query.

An attacker can therefore use a SQL injection of Magento MD Quickview, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 19466

Magento Extreme Magento Quickshop: SQL injection

Synthesis of the vulnerability

An attacker can use a SQL injection of Magento Extreme Magento Quickshop, in order to read or alter data.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 27/04/2016.
Identifiers: VIGILANCE-VUL-19466.

Description of the vulnerability

The Magento Extreme Magento Quickshop product uses a database.

However, user's data are directly inserted in a SQL query.

An attacker can therefore use a SQL injection of Magento Extreme Magento Quickshop, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 19465

Magento Extreme Magento Ajaxcart: SQL injection

Synthesis of the vulnerability

An attacker can use a SQL injection of Magento Extreme Magento Ajaxcart, in order to read or alter data.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 27/04/2016.
Identifiers: VIGILANCE-VUL-19465.

Description of the vulnerability

The Magento Extreme Magento Ajaxcart product uses a database.

However, user's data are directly inserted in a SQL query.

An attacker can therefore use a SQL injection of Magento Extreme Magento Ajaxcart, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 19272

Magento: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 31/03/2016.
Identifiers: VIGILANCE-VUL-19272.

Description of the vulnerability

Several vulnerabilities were announced in Magento.

An attacker can trigger a Cross Site Scripting in Authorize.net, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can invite the victim to install a malicious Language Pack, in order to run PHP code. [severity:2/4]

An attacker can use the API Token, in order to perform a brute force to guess a password. [severity:2/4]

An attacker can bypass security features in the Web API, in order to obtain sensitive information. [severity:2/4]

An attacker can guess encryption keys, in order to obtain sensitive information. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability note 18784

Magento: Man-in-the-Middle

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle on Magento, in order to read or write data in the session.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Creation date: 21/01/2016.
Identifiers: VIGILANCE-VUL-18784.

Description of the vulnerability

The Magento product uses the TLS protocol, in order to create secure sessions.

However, the X.509 certificate and the service identity are not correctly checked.

An attacker can therefore act as a Man-in-the-Middle on Magento, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 18782

Magento 2: multiple vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Magento version 2.
Impacted products: Magento EE, Magento CE.
Severity: 2/4.
Consequences: user access/rights, client access/rights, data reading, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 12.
Creation date: 21/01/2016.
Identifiers: VIGILANCE-VUL-18782.

Description of the vulnerability

Several vulnerabilities were announced in Magento version 2.

An attacker can trigger a Cross Site Scripting in User Name, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can bypass security features in Block Cache, in order to obtain sensitive information. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Order Comments, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can use a SQL injection in Layered Navigation, in order to read or alter data. [severity:2/4]

An attacker can perform a brute force on Guest Order View, in order to escalate his privileges. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Custom Options, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can bypass security features in Reviews, in order to escalate his privileges. [severity:2/4]

An attacker can bypass security features of a CAPTCHA, in order to escalate his privileges. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Cookie Header, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Request Forgery in Delete Items from Cart, in order to force the victim to perform operations. [severity:2/4]

An attacker can inject code in the database, in order to escalate his privileges. [severity:1/4]

An attacker can bypass security features of the MaliciousCode Filter, in order to escalate his privileges. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-2212

Magento 1: multiple vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Magento version 1.
Impacted products: Magento EE, Magento CE.
Severity: 3/4.
Consequences: user access/rights, client access/rights, data reading, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 20.
Creation date: 21/01/2016.
Identifiers: CVE-2016-2212, KIS-2016-02, VIGILANCE-VUL-18781.

Description of the vulnerability

Several vulnerabilities were announced in Magento version 1.

An attacker can trigger a Cross Site Scripting in Email Addres, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Order Comments, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Order, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can perform a brute force on Guest Order View, in order to escalate his privileges. [severity:2/4]

An attacker can bypass security features in RSS Feed, in order to obtain sensitive information. [severity:2/4; CVE-2016-2212, KIS-2016-02]

An attacker can trigger a Cross Site Request Forgery in Backend Login Page, in order to force the victim to perform operations. [severity:2/4]

An attacker can upload a malicious file via Backend, in order for example to upload a Trojan. [severity:3/4]

An attacker can trigger a Cross Site Request Forgery in Login, in order to force the victim to perform operations. [severity:2/4]

An attacker can use a Excel Formula injection in CSV/XML Export, in order to read or alter data. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Custom Options, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can bypass security features in Reviews, in order to escalate his privileges. [severity:2/4]

An attacker can trigger a fatal error in Email Delivery, in order to trigger a denial of service. [severity:2/4]

An attacker can bypass security features of a CAPTCHA, in order to escalate his privileges. [severity:2/4]

An attacker can bypass security features in Authorize.net, in order to obtain sensitive information. [severity:1/4]

An attacker can trigger a Cross Site Scripting in Translation Table, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Request Forgery in Delete Items from Cart, in order to force the victim to perform operations. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Custom Options, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can use a Serialized String, in order to run code. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Backend Coupon Entry, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can inject code in the database, in order to escalate his privileges. [severity:1/4]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Magento Enterprise Edition: