Veracode Vulnerability DatabaseVERACODE:39077Remote Code Execution (RCE)
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
28.0%
openmage/magento-lts is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to the lack of validation in the $this, $callback, and $alias parameters in the getChildGroup function of Abstract.php, allowing an attacker to bypass the block blacklist and inject and execute malicious code through the update layout.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openmage/magento-lts | le | v20.0.18 | |
| openmage/magento-lts | le | v19.4.21 | |
| openmage/magento-lts | le | v20.0.18 | |
| openmage/magento-lts | le | v19.4.21 |
References
github.com/advisories/GHSA-5j2g-3ph4-rgvm
github.com/OpenMage/magento-lts/commit/06c45940ba3256cdfc9feea12a3c0ca56d23acf8
github.com/OpenMage/magento-lts/commit/87115b78b8ccc7186e0a7aae49a290465a7d42f4
github.com/OpenMage/magento-lts/releases/tag/v19.4.22
github.com/OpenMage/magento-lts/releases/tag/v20.0.19
github.com/OpenMage/magento-lts/security/advisories/GHSA-5j2g-3ph4-rgvm
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
28.0%