Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.143808
Category:Web application abuses
Title:Magento Multiple Vulnerabilities (ASPB20-22)
Summary:Magento is prone to multiple vulnerabilities.
Description:Summary:
Magento is prone to multiple vulnerabilities.

Vulnerability Insight:
Magento is prone to multiple vulnerabilities:

- Multiple command injection vulnerabilities (CVE-2020-9576, CVE-2020-9578, CVE-2020-9582, CVE-2020-9583)

- Multiple cross-site scripting vulnerabilities (CVE-2020-9577, CVE-2020-9581, CVE-2020-9584)

- Multiple security mitigation bypass vulnerabilities (CVE-2020-9579, CVE-2020-9580, )

- Arbitrary code execution vulnerability (CVE-2020-9585)

- Unauthorized access to admin panel (CVE-2020-9591)

- Potentially unauthorized product discounts (CVE-2020-9587)

- Signature verification bypass vulnerability (CVE-2020-9588)

Affected Software/OS:
Magento versions 1.9.4.4 and prior, 1.14.4.4 and prior, 2.2.11 and prior and
2.3.4 and prior.

Solution:
Update to version 1.9.4.5, 1.14.4.5, 2.3.4-p2 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-9576
https://helpx.adobe.com/security/products/magento/apsb20-22.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-9577
Common Vulnerability Exposure (CVE) ID: CVE-2020-9578
Common Vulnerability Exposure (CVE) ID: CVE-2020-9579
Common Vulnerability Exposure (CVE) ID: CVE-2020-9580
Common Vulnerability Exposure (CVE) ID: CVE-2020-9581
Common Vulnerability Exposure (CVE) ID: CVE-2020-9582
Common Vulnerability Exposure (CVE) ID: CVE-2020-9583
Common Vulnerability Exposure (CVE) ID: CVE-2020-9584
Common Vulnerability Exposure (CVE) ID: CVE-2020-9585
Common Vulnerability Exposure (CVE) ID: CVE-2020-9587
Common Vulnerability Exposure (CVE) ID: CVE-2020-9588
Common Vulnerability Exposure (CVE) ID: CVE-2020-9591
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.