Magento 2.2 prior to 2.2.10 Unrestricted Upload of File with Dangerous Type Vulnerability

Summary

An authenticated user can leverage the file upload controller for downloadable products to read or delete arbitrary files.


Credit:

The information has been provided by the vendor.

The original article can be found at: https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update


Details

An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10 and in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage the file upload controller for downloadable products to read or delete arbitrary files.


Vulnerable Systems:

Magento 2.2 prior to 2.2.10

Magento 2.3 prior to 2.3.3 or 2.3.2-p1


CVE Information:

CVE-2019-8093

Disclosure Timeline:
Published Date: 11/5/2019