The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of Magento: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Severity of this weakness: 4/4.
Creation date: 01/06/2017.
Références of this bulletin: VIGILANCE-VUL-22878.

Description of the vulnerability

An attacker can use several vulnerabilities of Magento.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat alert impacts software or systems such as Magento EE, Magento CE.

Our Vigil@nce team determined that the severity of this computer vulnerability bulletin is critical.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this weakness note.

Solutions for this threat

Magento: versions 2.0.14 and 2.1.7.
Versions 2.0.14 and 2.1.7 are fixed:
  Magento Community Edition: https://magento.com/tech-resources/download

Magento: versions CE 1.9.3.4 and EE 1.14.3.4.
Versions CE 1.9.3.4 and EE 1.14.3.4 are fixed:
  Magento Community Edition: https://magento.com/tech-resources/download

Magento: patch SUPEE-9767 Version 2.
A patch is available:
  http://devdocs.magento.com/guides/m1x/other/ht_install-patches.html
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a system vulnerability announce. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.