SB2020043002 - Multiple vulnerabilities in Magento
Published: April 30, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 secuirty vulnerabilities.
1) Command Injection (CVE-ID: CVE-2020-9576)
The vulnerability allows a remote attacker to inject and execute arbitrary commands on the system.
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary OS commands on the system.
2) Stored cross-site scripting (CVE-ID: CVE-2020-9577)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote non-authenticated attacker can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
3) Command Injection (CVE-ID: CVE-2020-9578)
The vulnerability allows a remote attacker to inject and execute arbitrary commands on the system.
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary OS commands on the system.
4) Security restrictions bypass (CVE-ID: CVE-2020-9579)
The vulnerability allows a remote attacker to execute arbitrary code on the system
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary code on the system.
5) Security restrictions bypass (CVE-ID: CVE-2020-9580)
The vulnerability allows a remote attacker to execute arbitrary code on the system
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary code on the system.
6) Stored cross-site scripting (CVE-ID: CVE-2020-9581)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote non-authenticated attacker can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
7) Command Injection (CVE-ID: CVE-2020-9582)
The vulnerability allows a remote attacker to inject and execute arbitrary commands on the system.
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary OS commands on the system.
8) Command Injection (CVE-ID: CVE-2020-9583)
The vulnerability allows a remote attacker to inject and execute arbitrary commands on the system.
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary OS commands on the system.
9) Stored cross-site scripting (CVE-ID: CVE-2020-9584)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote non-authenticated attacker can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
10) Security restrictions bypass (CVE-ID: CVE-2020-9585)
The vulnerability allows a remote attacker to execute arbitrary code on the system
The vulnerability exists due to improper input validation. A remote authenticated administrator can execute arbitrary code on the system.
11) Improper access control (CVE-ID: CVE-2020-9591)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to application allows a remote non-authenticated attacker to access the admin panel interface.
12) Improper authorization (CVE-ID: CVE-2020-9587)
The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to unspecified error that allows a remote non-authenticated attacker to gain unauthorized access to product discounts. A remote attacker can use discounts to purchase goods in the e-shop.
13) Improper verification of cryptographic signature (CVE-ID: CVE-2020-9588)
The vulnerability allows a remote attacker to bypass implemented security restrictions
The vulnerability exists due to unspecified error that allows a remote authenticated administrator to bypass implemented security restrictions.
Remediation
Install update from vendor's website.