A vulnerability has been found in Magento up to 2.2.9/2.3.2 and classified as critical. This vulnerability affects an unknown functionality of the component Shippment Handler. The manipulation as part of a Request leads to a server-side request forgery vulnerability. The CWE definition for the vulnerability is CWE-918. The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway.

The weakness was presented 11/06/2019. This vulnerability was named CVE-2019-8151 since 02/12/2019. The attack can be initiated remotely. The successful exploitation needs a single authentication. There are neither technical details nor an exploit publicly available.

Upgrading to version 2.2.10, 2.3.2-p1 or 2.3.3 eliminates this vulnerability.

See VDB-145052, VDB-145051, VDB-145050 and VDB-145049 for similar entries. Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• E-Commerce Management Software

Name

• Magento

Version

• 2.2.0
• 2.2.1
• 2.2.2
• 2.2.3
• 2.2.4
• 2.2.5
• 2.2.6
• 2.2.7
• 2.2.8
• 2.2.9
• 2.3.0
• 2.3.1
• 2.3.2

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion