๐ [PRODSECBUG-2307] Insufficient enforcement of user access controls could lead to unauthorized environment configuration changes - CVE-2019-7904
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: portal.patchman.co
Insufficient enforcement of user access controls could be abused by a low-privileged user to make unauthorized environment configuration changes, such as removing security controls.
Part of update Magento 2.3.2, 2.2.9 and 2.1.18 Security Update 1/3
This vulnerability affects the following application versions:
- Magento 2.1.0
- Magento 2.1.1
- Magento 2.1.2
- Magento 2.1.3
- Magento 2.1.4
- Magento 2.1.5
- Magento 2.1.6
- Magento 2.1.7
- Magento 2.1.8
- Magento 2.1.9
- Magento 2.1.10
- Magento 2.1.11
- Magento 2.1.12
- Magento 2.1.13
- Magento 2.1.14
- Magento 2.1.15
- Magento 2.1.16
- Magento 2.1.17
- Magento 2.2.0
- Magento 2.2.1
- Magento 2.2.2
- Magento 2.2.3
- Magento 2.2.4
- Magento 2.2.5
- Magento 2.2.6
- Magento 2.2.7
- Magento 2.2.8
- Magento 2.3.0
- Magento 2.3.1