Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-609
Vulnerability from certfr_avis - Published: 2021-08-11 - Updated: 2021-08-11
De multiples vulnérabilités ont été découvertes dans Magento. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Magento | Magento Open Source versions 2.4.2.x antérieures à 2.4.2-p2 | ||
| Adobe | Magento | Magento Commerce versions 2.3.7.x antérieures à 2.3.7-p1 | ||
| Adobe | Magento | Magento Commerce versions 2.4.2.x antérieures à 2.4.2-p2 | ||
| Adobe | Magento | Magento Open Source versions 2.3.7.x antérieures à 2.3.7-p1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Magento Open Source versions 2.4.2.x ant\u00e9rieures \u00e0 2.4.2-p2",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Commerce versions 2.3.7.x ant\u00e9rieures \u00e0 2.3.7-p1",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Commerce versions 2.4.2.x ant\u00e9rieures \u00e0 2.4.2-p2",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.3.7.x ant\u00e9rieures \u00e0 2.3.7-p1",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-36042",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36042"
},
{
"name": "CVE-2021-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36028"
},
{
"name": "CVE-2021-36037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36037"
},
{
"name": "CVE-2021-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36021"
},
{
"name": "CVE-2021-36030",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36030"
},
{
"name": "CVE-2021-36034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36034"
},
{
"name": "CVE-2021-36026",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36026"
},
{
"name": "CVE-2021-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36033"
},
{
"name": "CVE-2021-36022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36022"
},
{
"name": "CVE-2021-36024",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36024"
},
{
"name": "CVE-2021-36043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36043"
},
{
"name": "CVE-2021-36025",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36025"
},
{
"name": "CVE-2021-36031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36031"
},
{
"name": "CVE-2021-36035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36035"
},
{
"name": "CVE-2021-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36012"
},
{
"name": "CVE-2021-36036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36036"
},
{
"name": "CVE-2021-36027",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36027"
},
{
"name": "CVE-2021-36041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36041"
},
{
"name": "CVE-2021-36039",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36039"
},
{
"name": "CVE-2021-36032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36032"
},
{
"name": "CVE-2021-36029",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36029"
},
{
"name": "CVE-2021-36038",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36038"
},
{
"name": "CVE-2021-36040",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36040"
},
{
"name": "CVE-2021-36044",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36044"
},
{
"name": "CVE-2021-36023",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36023"
},
{
"name": "CVE-2021-36020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36020"
}
],
"initial_release_date": "2021-08-11T00:00:00",
"last_revision_date": "2021-08-11T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-609",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-08-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Magento. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Magento",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Magento apsb21-64 du 10 ao\u00fbt 2021",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
}
CVE-2021-36039 (GCVE-0-2021-36039)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:30 – Updated: 2024-09-16 23:21
VLAI
EPSS
Title
Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information.
Severity
6.5 (Medium)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:30:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36039",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization (CWE-863)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36039",
"datePublished": "2021-09-01T14:30:01.556Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:21:57.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36040 (GCVE-0-2021-36040)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:31 – Updated: 2024-09-17 01:35
VLAI
EPSS
Title
Magento Commerce Improper Input Validation Could Lead To Remote Code Execution
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution.
Severity
9.1 (Critical)
CWE
- CWE-20 - Improper Input Validation (CWE-20)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:31:07.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce Improper Input Validation Could Lead To Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36040",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce Improper Input Validation Could Lead To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36040",
"datePublished": "2021-09-01T14:31:07.265Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:35:35.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36041 (GCVE-0-2021-36041)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:31 – Updated: 2024-09-17 04:04
VLAI
EPSS
Title
Magento Commerce Improper Input Validation Could Lead To Remote Code Execution
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote code execution.
Severity
9.1 (Critical)
CWE
- CWE-20 - Improper Input Validation (CWE-20)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the \u0027pub/media` directory could lead to remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:31:14.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce Improper Input Validation Could Lead To Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36041",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce Improper Input Validation Could Lead To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the \u0027pub/media` directory could lead to remote code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36041",
"datePublished": "2021-09-01T14:31:14.142Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:04:02.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36042 (GCVE-0-2021-36042)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:31 – Updated: 2024-09-17 01:25
VLAI
EPSS
Title
Magento Commerce API File Option Upload Extension Improper Input Validation Vulnerability Could Lead To Remote Code Execution
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution.
Severity
9.1 (Critical)
CWE
- CWE-20 - Improper Input Validation (CWE-20)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:31:24.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce API File Option Upload Extension Improper Input Validation Vulnerability Could Lead To Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36042",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce API File Option Upload Extension Improper Input Validation Vulnerability Could Lead To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36042",
"datePublished": "2021-09-01T14:31:24.882Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:25:59.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36043 (GCVE-0-2021-36043)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:31 – Updated: 2024-09-16 20:36
VLAI
EPSS
Title
Magento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.
Severity
CWE
- CWE-918 - Server-Side Request Forgery (SSRF) (CWE-918)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF) (CWE-918)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:31:38.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36043",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) (CWE-918)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36043",
"datePublished": "2021-09-01T14:31:38.272Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:36:46.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36044 (GCVE-0-2021-36044)
Vulnerability from cvelistv5 – Published: 2021-09-01 14:32 – Updated: 2024-09-16 19:57
VLAI
EPSS
Title
Magento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service
Summary
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field.
Severity
7.5 (High)
CWE
- CWE-20 - Improper Input Validation (CWE-20)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
unspecified , ≤ 2.4.2
(custom)
Affected: unspecified , ≤ 2.4.2-p1 (custom) Affected: unspecified , ≤ 2.3.7 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2021-08-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.2-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T14:32:31.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Magento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-08-10T23:00:00.000Z",
"ID": "CVE-2021-36044",
"STATE": "PUBLIC",
"TITLE": "Magento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.2"
},
{
"version_affected": "\u003c=",
"version_value": "2.4.2-p1"
},
{
"version_affected": "\u003c=",
"version_value": "2.3.7"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-36044",
"datePublished": "2021-09-01T14:32:31.895Z",
"dateReserved": "2021-06-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:57:02.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…