CVE-2019-8123 Vulnerability Details

  /     /     /  

CVE-2019-8123 Metadata Quick Info

CVE Published: 05/11/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: adobe | Vendor: Adobe Systems Incorporated | Product: Magento 1& 2
Status : PUBLISHED

---

CVE-2019-8123 Description

An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Insufficient logging and monitoring
Source: Adobe Systems Incorporated

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).