S

SUPEE-6482

SUPEE-6482 is a bundle of patches that resolve several security issues, including Remote File Inclusion and Remote Code execution.

You can find more details on the vulnerabilities address by this patch below:

SSRF Vulnerability in WSDL file – APPSEC-1020

Type: Remote File Inclusion
CVSSv3 Severity: 5.3 (Medium)
Known Attacks: None
Description: Incorrect encoding of API password can lead to probing internal network resources or remote file inclusion.
Product(s) Affected: Magento CE prior to 1.9.2.1, and Magento EE prior to 1.14.2.1
Fixed In: CE 1.9.2.1, EE 1.14.2.1
Reporter: Matthew Barry

Autoloaded File Inclusion in Magento SOAP API – APPSEC-1019

Type: Remote Code Execution (RCE)
CVSSv3 Severity: 6.5 (Medium)
Known Attacks: None
Description: Incorrect validation of a SOAP API request makes it possible to autoload code. The exploit requires the attacker to first log in with API credentials. Depending on the PHP version and/or configuration settings, code can then be loaded from a remote location.
Product(s) Affected: Magento CE prior to 1.9.2.1, and Magento EE prior to 1.14.2.1
Fixed In: CE 1.9.2.1, EE 1.14.2.1
Reporter: Egidio Danilo Romano

 

For Magento Enterprise Edition Only:

Cross-site Scripting/Cache Poisoning – APPSEC-1030

Type: Cross-site Scripting (XSS) – Stored / Cache Poisoning
CVSSv3 Severity: 9.3 (Critical)
Known Attacks: None
Description: Unvalidated host header leaks into response and page. Because the page can be cached, this leak poses a risk for all store customers because any HTML or JavaScript code can be injected. Such an exploit works only with specific server configurations, and allows an attacker to intercept a session or modify a page with fake credit card forms, etc.
Product(s) Affected: Magento EE prior to 1.14.2.1
Fixed In: EE 1.14.2.1
Reporter: Internal (ECG)

Cross-site Scripting in Gift Registry Search – APPSEC-1022

Type: Cross-site Scripting (XSS) – Reflected
CVSSv3 Severity: 9.3 (Critical)
Known Attacks: None
Description: Cross-site scripting vulnerability affects registered users. Attack through unescaped search parameter. Risk of cookie theft and impersonating as the user.
Product(s) Affected: Magento EE prior to 1.14.2.1
Fixed In: EE 1.14.2.1
Reporter: Hannes Karlsson/Vaimo
SUPEE-6482
0 votes, 0.00 avg. rating (0% score)