The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of Magento Commerce: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento Commerce.
Severity of this bulletin: 3/4.
Creation date: 27/06/2018.
Références of this threat: CERTFR-2018-AVI-311, SUPEE-10752, VIGILANCE-VUL-26559.

Description of the vulnerability

An attacker can use several vulnerabilities of Magento Commerce.
Full Vigil@nce bulletin... (Request your free trial)

This computer threat bulletin impacts software or systems such as Magento EE, Magento CE.

Our Vigil@nce team determined that the severity of this security threat is important.

The trust level is of type confirmed by the editor, with an origin of internet client.

An attacker with a expert ability can exploit this computer vulnerability alert.

Solutions for this threat

Magento Open Source, Commerce: version 2.2.5.
The version 2.2.5 is fixed:
  https://www.magento.com/

Magento Open Source, Commerce: version 2.1.14.
The version 2.1.14 is fixed:
  https://www.magento.com/

Magento Open Source: version 1.9.3.9.
The version 1.9.3.9 is fixed:
  https://www.magento.com/

Magento Commerce: version 1.14.3.9.
The version 1.14.3.9 is fixed:
  https://www.magento.com/

Magento Open Source, Commerce: patch SUPEE-10752.
A patch is indicated in information sources.
Full Vigil@nce bulletin... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides system vulnerability patches. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.