Lucene search
AdobeCVELIST:CVE-2019-7951HistoryAug 02, 2019 - 9:36 p.m.
CVE-2019-7951
2019-08-0221:36:12
adobe
www.cve.org
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP web service endpoint does not properly enforce parameters related to access control. This could be abused to leak customer information via crafted SOAP requests.
CNA Affected
[
{
"product": "Magento 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2"
}
]
}
]Related
cve
cve
CVE-2019-7951
2019-08-02 22:15:19
osv
osv
CVE-2019-7951
2019-08-02 22:15:19
Magento 2 Community Edition Information Leak
2022-05-24 16:52:29
nvd
nvd
CVE-2019-7951
2019-08-02 22:15:19
prion
prion
Information disclosure
2019-08-02 22:15:00
friendsofphp
friendsofphp
PRODSECBUG-2430: Security bypass via crafted SOAP requests
2019-06-25 00:00:00
github
github
Magento 2 Community Edition Information Leak
2022-05-24 16:52:29
openvas
openvas