Multiple vulnerabilities in Adobe Commerce and Magento Open Source
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2023-29287 CVE-2023-29288 CVE-2023-29289 CVE-2023-29290 CVE-2023-29291 CVE-2023-29292 CVE-2023-29295 CVE-2023-29296 CVE-2023-22248 CVE-2023-29293 CVE-2023-29294 CVE-2023-29297 |
| CWE-ID | CWE-200 CWE-863 CWE-91 CWE-353 CWE-918 CWE-20 CWE-840 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Adobe Commerce (formerly Magento Commerce) Web applications / E-Commerce systems Magento Open Source Web applications / E-Commerce systems |
| Vendor | Magento, Inc |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU77457
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29287
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect authorization
EUVDB-ID: #VU77458
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29288
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) XML injection
EUVDB-ID: #VU77461
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29289
CWE-ID:
CWE-91 - XML Injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to improper input validation when processing XML data. A remote user can pass specially crafted XML data to the application and gain access to sensitive information.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Missing support for integrity check
EUVDB-ID: #VU77463
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29290
CWE-ID:
CWE-353 - Missing Support for Integrity Check
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to missing support for integrity check. A remote attacker can perform MitM attack.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU77465
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29291
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote privileged user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote privileged user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU77466
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29292
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote privileged user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote privileged user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Incorrect authorization
EUVDB-ID: #VU77459
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29295
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Incorrect authorization
EUVDB-ID: #VU77460
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29296
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Incorrect authorization
EUVDB-ID: #VU77462
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22248
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to incorrect authorization. A remote user can bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU77467
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29293
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the user's minor feature. A remote administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Business Logic Errors
EUVDB-ID: #VU77468
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29294
CWE-ID:
CWE-840 - Business Logic Errors (3.0)
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to a business logic error. A remote user can bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Stored cross-site scripting
EUVDB-ID: #VU77469
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29297
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote administrator to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote administrator can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Install updates from vendor's website.
Vulnerable software versionsAdobe Commerce (formerly Magento Commerce): 2.3.7 - 2.4.6
Magento Open Source: 2.3.7 - 2.4.6
External linkshttp://helpx.adobe.com/security/products/magento/apsb23-35.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
