FKIE_CVE-2020-26285

Vulnerability from fkie_nvd - Published: 2021-01-21 14:15 - Updated: 2024-11-21 05:19
Severity ?
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an executable file on the server. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved
References
security-advisories@github.comhttps://github.com/OpenMage/magento-lts/commit/4132668f5009f17456fe644742026f56d2297586Patch, Third Party Advisory
security-advisories@github.comhttps://github.com/OpenMage/magento-lts/releases/tag/v19.4.10Third Party Advisory
security-advisories@github.comhttps://github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/OpenMage/magento-lts/commit/4132668f5009f17456fe644742026f56d2297586Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/OpenMage/magento-lts/releases/tag/v19.4.10Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9Third Party Advisory
Impacted products
Vendor Product Version
openmage openmage *
openmage openmage *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openmage:openmage:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "E706EF46-D4ED-40AD-B1D8-EAA875FB326B",
              "versionEndExcluding": "19.4.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openmage:openmage:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "4258600B-5C75-41D6-A9C8-6D6AABC6CBF3",
              "versionEndExcluding": "20.0.5",
              "versionStartIncluding": "20.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an executable file on the server. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved"
    },
    {
      "lang": "es",
      "value": "OpenMage es una alternativa impulsada por la comunidad a Magento CE. En OpenMage versiones anteriores a 19.4.10 y 20.0.5, se presenta una vulnerabilidad que permite una ejecuci\u00f3n de c\u00f3digo remota. En las versiones afectadas, un administrador con permiso para importar/exportar datos y crear instancias de widgets pudo inyectar un archivo ejecutable en el servidor. Las \u00faltimas versiones de OpenMage hasta 19.4.9 y 20.0.5 tienen este problema solucionado"
    }
  ],
  "id": "CVE-2020-26285",
  "lastModified": "2024-11-21T05:19:45.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 5.8,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-21T14:15:12.620",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/commit/4132668f5009f17456fe644742026f56d2297586"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/releases/tag/v19.4.10"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/commit/4132668f5009f17456fe644742026f56d2297586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/releases/tag/v19.4.10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        },
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.