| |
Vulnerability CVE-2019-7858
Published: 2019-08-02 Modified: 2019-08-03
Description: |
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks. |
Type:
CWE-310 (Cryptographic Issues)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
|
|
|
Copyright 2024, cxsecurity.com
|
|
|