Description

A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.

Remediation

References

CVE-2019-7855

Related Vulnerabilities

WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.13)

MySQL CVE-2015-0405 Vulnerability (CVE-2015-0405)

MySQL CVE-2022-21315 Vulnerability (CVE-2022-21315)

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-2621)

Severity

Medium

Classification

CVE-2019-7855 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities