Vulnerabilites related to Adobe Systems Incorporated - Magento 1& 2
CVE-2019-8123 (GCVE-0-2019-8123)
Vulnerability from cvelistv5
Published
2019-11-05 22:50
Modified
2024-08-04 21:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insufficient logging and monitoring
Summary
An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Magento 1& 2 |
Version: Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:10:32.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://magento.com/security/patches/supee-11219"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Magento 1\u0026 2",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient logging and monitoring",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T22:50:57",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://magento.com/security/patches/supee-11219"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2019-8123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento 1\u0026 2",
"version": {
"version_data": [
{
"version_value": "Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient logging and monitoring"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://magento.com/security/patches/supee-11219",
"refsource": "MISC",
"url": "https://magento.com/security/patches/supee-11219"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2019-8123",
"datePublished": "2019-11-05T22:50:57",
"dateReserved": "2019-02-12T00:00:00",
"dateUpdated": "2024-08-04T21:10:32.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}