
GHSA-jrgf-vfw2-hj26

Published: Oct 30, 2020
Source: github
GitHub: Reviewed
CVSS3: 8

Description

RCE via PHP Object injection via SOAP Requests

Impact

An authenticated admin user can generate SOAP API credentials and then use them to trigger remote code execution via PHP object injection through product attributes and a product. Admin access is a precondition, which is why the issue scores 8 (High) rather than Critical; a compromised or malicious admin account is enough to turn it into code execution on the web server.

Patches

Fixed in OpenMage 19.4.8 and 20.0.4 (and in all later releases of each branch); 19.4.7 and 20.0.3 are the last affected releases, as the affected ranges under Packages show.

Credits

Credit to Luke Rodgers for reporting
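The weakness class behind this advisory is CWE-502, untrusted data reaching unserialize(). The following is an added illustration, not OpenMage code: the LogWriter gadget class, the decodeAttribute* handlers and the craftPayload helper are hypothetical stand-ins for the real SOAP code path and gadget chain, which this advisory does not describe. It shows why an injected object is dangerous even when the application never calls a method on it, and two ways to close the hole.

```php
<?php
// Added illustration of CWE-502 (PHP object injection). LogWriter, the
// decodeAttribute* handlers and craftPayload are hypothetical; they are not
// OpenMage's SOAP code or its real gadget chain.

class LogWriter
{
    public $path;
    public $data;

    // Runs automatically when the last reference to the object is dropped.
    // Whoever controls $path and $data controls a file write without ever
    // calling this method directly: that is the gadget.
    public function __destruct()
    {
        file_put_contents($this->path, $this->data);
    }
}

// Vulnerable pattern: a request value (think of a product attribute arriving
// over SOAP) is passed to unserialize() unrestricted, so any loadable class
// can be instantiated with attacker-chosen property values.
function decodeAttributeVulnerable(string $untrusted)
{
    return unserialize($untrusted);
}

// Hardened pattern when PHP's serialized format must still be accepted:
// forbid object instantiation. Objects in the payload become
// __PHP_Incomplete_Class, whose magic methods never run.
function decodeAttributeNoObjects(string $untrusted)
{
    return unserialize($untrusted, ['allowed_classes' => false]);
}

// Preferred pattern for new code: a data-only format such as JSON, which has
// no notion of instantiating classes at all.
function decodeAttributeJson(string $untrusted)
{
    return json_decode($untrusted, true, 512, JSON_THROW_ON_ERROR);
}

// Builds a serialized LogWriter by hand, as an attacker would. Lengths are
// computed so the string is well-formed. Constructed payload for the demo.
function craftPayload(string $path, string $data): string
{
    return sprintf(
        'O:9:"LogWriter":2:{s:4:"path";s:%d:"%s";s:4:"data";s:%d:"%s";}',
        strlen($path), $path, strlen($data), $data
    );
}

$target  = sys_get_temp_dir() . '/poi-demo.txt';
$payload = craftPayload($target, "written by an injected object\n");
@unlink($target);

// 1. Vulnerable handler: a live LogWriter is created, and its destructor
//    fires as soon as the reference is dropped, writing the file.
$obj = decodeAttributeVulnerable($payload);
echo "vulnerable handler returned: ", get_class($obj), "\n";
unset($obj);                                 // __destruct() runs here
echo "target exists after vulnerable decode: ", var_export(file_exists($target), true), "\n";
@unlink($target);

// 2. Hardened handler: same payload, but only an inert placeholder object,
//    so no destructor and no side effect.
$stub = decodeAttributeNoObjects($payload);
echo "hardened handler returned: ", get_class($stub), "\n";
unset($stub);
echo "target exists after hardened decode: ", var_export(file_exists($target), true), "\n";

// 3. JSON handler: the serialized payload is not JSON and is rejected outright.
try {
    decodeAttributeJson($payload);
} catch (JsonException $e) {
    echo "json handler rejected payload: ", $e->getMessage(), "\n";
}
```

Run it with `php poi-demo.php` (PHP 7.3 or later for JsonException). The point to take away is that the vulnerable handler never invokes anything on the object; the destructor alone is enough, which is why an allow-list of classes or a switch to JSON is the fix rather than input filtering.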

Packages

Name                   Ecosystem   Affected versions     Patched version
openmage/magento-lts   composer    < 19.4.8              19.4.8
openmage/magento-lts   composer    >= 20.0.0, < 20.0.4   20.0.4
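To check an installation against the two ranges above, the following added helper (not part of the advisory) reads the package version out of composer.lock and compares it with version_compare(). The sample lock file embedded in it is constructed for the demo; point findPackageVersion() at the real composer.lock of the deployment.

```php
<?php
// Added helper, not part of the advisory: is the installed
// openmage/magento-lts inside the affected ranges (< 19.4.8, or
// >= 20.0.0 and < 20.0.4)? The composer.lock sample below is constructed.

function isAffectedVersion(string $version): bool
{
    $v = ltrim($version, 'v');               // composer may record "v19.4.7"
    // 19.x branch (and the older 1.9.4.x tags): everything before 19.4.8
    if (version_compare($v, '20.0.0', '<')) {
        return version_compare($v, '19.4.8', '<');
    }
    // 20.x branch: 20.0.0 up to, but excluding, 20.0.4
    return version_compare($v, '20.0.4', '<');
}

// Returns the locked version string, or null if the package is not present.
// Branch aliases such as "20.0.x-dev" are returned as-is and are not
// meaningfully comparable; resolve those against the commit instead.
function findPackageVersion(string $lockJson, string $name): ?string
{
    $lock = json_decode($lockJson, true, 512, JSON_THROW_ON_ERROR);
    $all  = array_merge($lock['packages'] ?? [], $lock['packages-dev'] ?? []);
    foreach ($all as $pkg) {
        if (($pkg['name'] ?? '') === $name) {
            return $pkg['version'] ?? null;
        }
    }
    return null;
}

// Constructed sample: a lock file pinning the last affected 20.x release.
$sampleLock = '{"packages":[{"name":"openmage/magento-lts","version":"20.0.3"}]}';

$installed = findPackageVersion($sampleLock, 'openmage/magento-lts');
if ($installed === null) {
    echo "openmage/magento-lts not found in lock file\n";
} else {
    printf("openmage/magento-lts %s: %s\n", $installed,
        isAffectedVersion($installed) ? 'AFFECTED, upgrade to 19.4.8 / 20.0.4 or later' : 'not affected');
}
```

For a real deployment, replace $sampleLock with file_get_contents('composer.lock'); a CI job can run the same function over every lock file it builds.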

EPSS: 0.0087 (75th percentile, Low)
CVSS3: 8 (High)

Weaknesses

CWE-502
CWE-74

Related vulnerabilities

CVSS3: 8 | Source: nvd | more than 5 years ago

In Magento (composer openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate SOAP credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The issue is patched in versions 19.4.8 and 20.0.4.
