A vulnerability classified as critical was found in Magento up to 1.9.4.1/2.1.17/2.2.8/2.3.1. This vulnerability affects an unknown code block of the component Admin Panel. The manipulation with an unknown input leads to a server-side request forgery vulnerability. The CWE definition for the vulnerability is CWE-918. The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin panel to manipulate system configuration and execute arbitrary code.

The weakness was presented 08/02/2019 (Website). The advisory is available at magento.com. This vulnerability was named CVE-2019-7911 since 02/12/2019. The attack can be initiated remotely. The requirement for exploitation is a single authentication. The technical details are unknown and an exploit is not available.

Upgrading to version 1.9.4.2, 2.1.18, 2.2.9 or 2.3.2 eliminates this vulnerability.

See 133339, 139403, 139404 and 139412 for similar entries.

Productinfo

Name

• Magento

Version

• 1.9.4.0
• 1.9.4.1
• 2.1.0
• 2.1.1
• 2.1.2
• 2.1.3
• 2.1.4
• 2.1.5
• 2.1.6
• 2.1.7
• 2.1.8
• 2.1.9
• 2.1.10
• 2.1.11
• 2.1.12
• 2.1.13
• 2.1.14
• 2.1.15
• 2.1.16
• 2.1.17
• 2.2.0
• 2.2.1
• 2.2.2
• 2.2.3
• 2.2.4
• 2.2.5
• 2.2.6
• 2.2.7
• 2.2.8
• 2.3.0
• 2.3.1

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion