Lucene search

CVE-2020-15151

🗓️ 20 Aug 2020 01:12:17Reported by GitHub_MType

OpenMage LTS before versions 19.4.6 and 20.0.2 circumvents fromkey protection in Admin Interfac

Reporter	Title	Published	Views	Family All 20
OSV	Observable Timing Discrepancy in OpenMage LTS	19 Aug 202018:02	–	osv
OSV	BIT-magento-2020-15151	6 Mar 202411:08	–	osv
OSV	CVE-2020-15151	20 Aug 202001:17	–	osv
OSV	BIT-magento-2020-9690	6 Mar 202411:02	–	osv
OSV	Magento observable timing discrepancy vulnerability	24 May 202217:24	–	osv
OSV	CVE-2020-9690	29 Jul 202013:15	–	osv
RedhatCVE	CVE-2020-15151	5 Feb 202514:53	–	redhatcve
Cvelist	CVE-2020-15151 Observable Timing Discrepancy in OpenMage LTS	19 Aug 202018:10	–	cvelist
Cvelist	CVE-2020-9690	29 Jul 202012:20	–	cvelist
NVD	CVE-2020-15151	20 Aug 202001:17	–	nvd

Nvd

Vulners

Node

openmage openmage_long_term_supportRange<19.4.6

openmage openmage_long_term_supportRange20.0.0–20.0.2

Node

magento magentoRange≤2.3.5commerce

magento magentoRange≤2.3.5open_source

[
  {
    "product": "magento-lts",
    "vendor": "OpenMage",
    "versions": [
      {
        "status": "affected",
        "version": "< 19.4.6\""
      },
      {
        "status": "affected",
        "version": ">= 20.0.0, < 20.0.2"
      }
    ]
  }
]

Source	Link
github	www.github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a
github	www.github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6
helpx	www.helpx.adobe.com/security/products/magento/apsb20-47.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Aug 2020 01:17Current

5.6Medium risk

Vulners AI Score5.6

CVSS24

CVSS38

EPSS0.00096