Lucene search

GitHub_MCVELIST:CVE-2020-26285

HistoryJan 21, 2021 - 1:30 p.m.

CVE-2020-26285 Widget instances allows a hacker to inject an executable file on the server on OpenMage

2021-01-2113:30:17

CWE-22

CWE-434

GitHub_M

www.cve.org

openmage

vulnerability

remote code execution

widget injection

server

executable file

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.015

Percentile

86.8%

JSON

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an executable file on the server. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved

CNA Affected

[
  {
    "product": "magento-lts",
    "vendor": "OpenMage",
    "versions": [
      {
        "status": "affected",
        "version": "< 19.4.10"
      },
      {
        "status": "affected",
        "version": ">= 20.0.0, < 20.0.5"
      }
    ]
  }
]

References

github.com/OpenMage/magento-lts/commit/4132668f5009f17456fe644742026f56d2297586

github.com/OpenMage/magento-lts/releases/tag/v19.4.10

github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.015

Percentile

86.8%

JSON

Related for CVELIST:CVE-2020-26285