Description
An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes.
Remediation
References
Related Vulnerabilities
MySQL CVE-2024-21166 Vulnerability (CVE-2024-21166)
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.4)
WordPress Plugin Chatbot with IBM Watson Cross-Site Scripting (0.8.20)
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.9)
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)