CVE-2020-9630

Improper Privilege Management in packagist/magento/community-edition

Identifiers

CVE-2020-9630

Package Slug

packagist/magento/community-edition

Vulnerability

Improper Privilege Management

Description

Magento has a business logic error vulnerability. Successful exploitation could lead to privilege escalation.

Affected Versions

All versions up to 1.9.4.4, all version starting from 1.14.4.0 up to 1.14.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4

Solution

Upgrade to versions 1.9.4.5, 1.14.4.5, 2.3.5 or above.

Last Modified

2020-07-02

source