Lucene search

[email protected]CVE-2015-1398

HistoryApr 29, 2015 - 10:59 p.m.

CVE-2015-1398

2015-04-2922:59:01

CWE-22

[email protected]

web.nvd.nist.gov

cve

directory traversal

vulnerabilities

magento

remote code execution

authenticated users

php files

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.833 High

EPSS

Percentile

98.5%

JSON

Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) … (dot dot) sequences in the PATH_INFO to index.php or (2) vectors involving a block value in the ___directive parameter to the Cms_Wysiwyg controller in the Adminhtml module, related to the blockDirective function and the auto loading mechanism. NOTE: vector 2 might not cross privilege boundaries, since administrators might already have the privileges to execute code and upload files.

Affected configurations

NVD

Node

magentomagentoMatch1.9.1.0community

magentomagentoMatch1.14.1.0enterprise

CPENameOperatorVersion
magento:magentomagentoeq1.9.1.0
magento:magentomagentoeq1.14.1.0

CPE	Name	Operator	Version
magento:magento	magento	eq	1.9.1.0
magento:magento	magento	eq	1.14.1.0

References

blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/

magento.com/blog/technical/critical-security-advisory-remote-code-execution-rce-vulnerability

www.securitytracker.com/id/1032194

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.833 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2015-1398

prion1 nvd1 cvelist1 checkpoint_advisories1 openvas1