3 matches found
CVE-2020-5777
MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting maxconnections default 151 is lower than Apache or...
Magneto MAGMI Authentication Bypass (CVE-2020-5777)
An authentication bypass vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
CVE-2020-5777
Summary. MAGMI (Magento Mass Importer) versions before 0.7.24 are affected by a remote authentication bypass caused by default credentials being accepted when a database connection fails. The bypass can be triggered when the MySQL max_connections value is lower than the web server’s MaxRequestWor...