CVE-2019-8118

2019-11-0522:49:04

adobe

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.9%

JSON

Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts.

CNA Affected

[
  {
    "product": "Magento 2",
    "vendor": "Adobe Systems Incorporated",
    "versions": [
      {
        "status": "affected",
        "version": "Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2"
      }
    ]
  }
]