Lucene search
GoogleOSV:CVE-2019-7950HistoryAug 02, 2019 - 10:15 p.m.
CVE-2019-7950
2019-08-0222:15:19
Google
osv.dev
3
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidental information.
Related
prion
prion
Improper access control
2019-08-02 22:15:00
veracode
veracode
Authorization Bypass
2019-08-13 06:29:50
cvelist
cvelist
CVE-2019-7950
2019-08-02 21:35:49
cve
cve
CVE-2019-7950
2019-08-02 22:15:19
friendsofphp
friendsofphp
PRODSECBUG-2429: Insecure object reference via customer REST API
2019-06-25 00:00:00
osv
osv
Magento 2 Community Edition Access Control Bypass
2022-05-24 16:52:29
nvd
nvd
CVE-2019-7950
2019-08-02 22:15:19
github
github
Magento 2 Community Edition Access Control Bypass
2022-05-24 16:52:29
openvas
openvas