Magento Security 更新了超過 30 個程式錯ˋ誤的修正程式，其中包括未經驗證的遠端程式碼執行弱點 (PRODSECBUG-2198)

Magento Commerce and Open Source advisory provides fixes for RCE, XSS, SQLi, and XSRF vulnerabilities.

背景說明

Magento has released a security advisory for 30+ vulnerabilities, including an unauthenticated Remote Code Execution (RCE) vulnerability which Magento is highly recommending users patch as soon as possible. Magento is an e-commerce management tool widely used by many online platforms. With the frequency of Magecart attacks, proper e-commerce security is critical for any modern business.

分析

In the advisory, “PRODSECBUG-2198” is a high severity unauthenticated SQL injection vulnerability that could allow an attacker to run code on a target Magento instance, and the advisory lists that this could lead to sensitive data leakage. Data leakage for e-commerce platforms involve personal and financial information, and Sucuri reports that this attack is “Very Easy” to execute. As of March 28, there were no specific details or publicly available exploits. Magento is recommending customers upgrade to protect their stores.

Update March 29: Ambionics Security has released a technical analysis of the flaw with additional details and a working proof of concept (PoC) that would allow for extraction of admin sessions or password hashes.

解決方法

Magento site owners should update to the patched versions as soon as possible. PRODSECBUG-2198 has been patched in the following Magento releases:

• Magento Open Source 1.9.4.1
• Magento Commerce 1.14.4.1
• Magento Commerce 2.1.17
• Magento Commerce 2.2.8
• Magento Commerce 2.3.1

找出受影響的系統

A list of plugins to identify these vulnerabilities will appear here as they’re released.

取得更多資訊

• Magento Advisory
• Security Boulevard analysis of PRODSECBUG-2198

加入 Tenable Community 的 Tenable 安全回應團隊。

深入瞭解 Tenable，這是用於全面管理新型攻擊破綻的首創 Cyber Exposure 平台。

Get a free 60-day trial of Tenable.io Vulnerability Management.