Las actualizaciones de seguridad Magento reparan más de 30 errores, incluyendo una vulnerabilidad de ejecución de código remota (PRODSECBUG-2198)
Magento Commerce and Open Source advisory provides fixes for RCE, XSS, SQLi, and XSRF vulnerabilities.
Antecedentes
Magento has released a security advisory for 30+ vulnerabilities, including an unauthenticated Remote Code Execution (RCE) vulnerability which Magento is highly recommending users patch as soon as possible. Magento is an e-commerce management tool widely used by many online platforms. With the frequency of Magecart attacks, proper e-commerce security is critical for any modern business.
Análisis
In the advisory, “PRODSECBUG-2198” is a high severity unauthenticated SQL injection vulnerability that could allow an attacker to run code on a target Magento instance, and the advisory lists that this could lead to sensitive data leakage. Data leakage for e-commerce platforms involve personal and financial information, and Sucuri reports that this attack is “Very Easy” to execute. As of March 28, there were no specific details or publicly available exploits. Magento is recommending customers upgrade to protect their stores.
Update March 29: Ambionics Security has released a technical analysis of the flaw with additional details and a working proof of concept (PoC) that would allow for extraction of admin sessions or password hashes.
Solución
Magento site owners should update to the patched versions as soon as possible. PRODSECBUG-2198 has been patched in the following Magento releases:
- Magento Open Source 1.9.4.1
- Magento Commerce 1.14.4.1
- Magento Commerce 2.1.17
- Magento Commerce 2.2.8
- Magento Commerce 2.3.1
Identificación de los sistemas afectados
A list of plugins to identify these vulnerabilities will appear here as they’re released.
Obtenga más información
Únase al Equipo de respuesta de seguridad de Tenable en Tenable Community.
Obtenga más información sobre Tenable, la primera plataforma de Cyber Exposure para el control integral de la superficie de ataque moderna.
Get a free 60-day trial of Tenable.io Vulnerability Management.
Ryan Seguin
Security Response Manager
Ryan joined Tenable in 2013 as a customer support engineer assisting customers with technical troubleshooting and product education. After that, he helped create dashboard and report templates for SecurityCenter that users can download through the Tenable.sc feed. Now Ryan is a member of the Security Response team, informing customers of the latest security threats, and providing in-depth analytics for today’s most critical vulnerabilities.
Interests outside of work: Ryan is a retro video game console/arcade hardware enthusiast and modder, and he is also studying Japanese and hopes to one day be fluent.
Artículos relacionados
Volt Typhoon: What State and Local Government Officials Need to Know
Increased activity from the state-sponsored threat group Volt Typhoon raises concerns about the cybersecurity of U.S. critical infrastructure. Here’s how you can identify potential exposures and attack paths....
Cybersecurity Snapshot: Guide Unpacks Event-Logging Best Practices, as FAA Proposes Stronger Cyber Rules for Airplanes
Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on...
Detecting Risky Third-party Drivers on Windows Assets
Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers....
- Threat Intelligence
- Threat Management
- Vulnerability Management