Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyZ2YtdmZ3Mi1oajI2
RCE via PHP Object injection via SOAP Requests
Impact
This vulnerability allows an admin user to generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product.
Patches
The latest OpenMage Versions up from 19.4.7 and 20.0.3 have this Issue solved
Credits
Credit to Luke Rodgers for reporting
Permalink: https://github.com/advisories/GHSA-jrgf-vfw2-hj26JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyZ2YtdmZ3Mi1oajI2
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 3 years ago
Updated: about 1 year ago
CVSS Score: 8.1
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Identifiers: GHSA-jrgf-vfw2-hj26, CVE-2020-15244
References:
- https://github.com/OpenMage/magento-lts/security/advisories/GHSA-jrgf-vfw2-hj26
- https://nvd.nist.gov/vuln/detail/CVE-2020-15244
- https://github.com/OpenMage/magento-lts/commit/26433d15b57978fcb7701b5f99efe8332ca8630b
- https://github.com/OpenMage/magento-lts
- https://github.com/advisories/GHSA-jrgf-vfw2-hj26
Blast Radius: 12.1
Affected Packages
packagist:openmage/magento-lts
Dependent packages: 21Dependent repositories: 31
Downloads: 145,779 total
Affected Version Ranges: >= 20.0.0, < 20.0.4, < 19.4.8
Fixed in: 20.0.4, 19.4.8
All affected versions: 19.4.0, 19.4.1, 19.4.2, 19.4.3, 19.4.4, 19.4.5, 19.4.6, 19.4.7, 20.0.0, 20.0.1, 20.0.2, 20.0.3
All unaffected versions: 19.4.8, 19.4.9, 19.4.10, 19.4.11, 19.4.12, 19.4.13, 19.4.14, 19.4.15, 19.4.16, 19.4.17, 19.4.18, 19.4.19, 19.4.20, 19.4.21, 19.4.22, 19.4.23, 19.5.0, 19.5.1, 19.5.2, 19.5.3, 20.0.4, 20.0.5, 20.0.6, 20.0.7, 20.0.8, 20.0.10, 20.0.11, 20.0.12, 20.0.13, 20.0.14, 20.0.15, 20.0.16, 20.0.17, 20.0.18, 20.0.19, 20.0.20, 20.1.0, 20.1.1, 20.2.0, 20.3.0, 20.4.0, 20.5.0, 20.6.0