SB2023061608 - Multiple vulnerabilities in Adobe Commerce and Magento Open Source 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023061608

SB2023061608 - Multiple vulnerabilities in Adobe Commerce and Magento Open Source

Published: June 16, 2023

Security Bulletin ID SB2023061608
Severity
Medium
Patch available
YES
Number of vulnerabilities 12
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2023-29287)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.


2) Incorrect authorization (CVE-ID: CVE-2023-29288)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.


3) XML injection (CVE-ID: CVE-2023-29289)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper input validation when processing XML data. A remote user can pass specially crafted XML data to the application and gain access to sensitive information.


4) Missing support for integrity check (CVE-ID: CVE-2023-29290)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to missing support for integrity check. A remote attacker can perform MitM attack.


5) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2023-29291)

The disclosed vulnerability allows a remote privileged user to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input. A remote privileged user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.


6) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2023-29292)

The disclosed vulnerability allows a remote privileged user to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input. A remote privileged user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.


7) Incorrect authorization (CVE-ID: CVE-2023-29295)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.


8) Incorrect authorization (CVE-ID: CVE-2023-29296)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.


9) Incorrect authorization (CVE-ID: CVE-2023-22248)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.


10) Input validation error (CVE-ID: CVE-2023-29293)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the user's minor feature. A remote administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.


11) Business Logic Errors (CVE-ID: CVE-2023-29294)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to a business logic error. A remote user can bypass implemented security restrictions.


12) Stored cross-site scripting (CVE-ID: CVE-2023-29297)

The disclosed vulnerability allows a remote administrator to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote administrator can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.



Remediation

Install update from vendor's website.

References