=================================================================== CERT-Renater Note d'Information No. 2022/VULN266 _____________________________________________________________________ DATE : 11/08/2022 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Adobe Commerce ====================================================================https://helpx.adobe.com/security/products/magento/apsb22-38.html _____________________________________________________________________ Security update available for Adobe Commerce | APSB22-38 Bulletin ID Date Published Priority APSB22-38 August 9, 2022 3 Summary Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important and moderate vulnerabilities.  Successful exploitation could lead to arbitrary code execution, privilege escalation and security feature bypass. Affected Versions Product Version Platform Adobe Commerce 2.4.3-p2 and earlier versions  All 2.3.7-p3 and earlier versions   All Adobe Commerce 2.4.4 and earlier versions  All Magento Open Source 2.4.3-p2 and earlier versions    All 2.3.7-p3 and earlier versions All Magento Open Source 2.4.4 and earlier versions  All Solution Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version. Product Updated Version Platform Priority Rating Installation Instructions Adobe Commerce 2.3.7-p4, 2.4.3-p3, 2.4.4-p1, 2.4.5 All 1 2.4.x release notes 2.3.x release notes Magento Open Source 2.3.7-p4, 2.4.3-p3, 2.4.4-p1, 2.4.5 All 1 Vulnerability Details Vulnerability Category Vulnerability Impact Severity Authentication required to exploit? Exploit requires admin privileges? CVSS base score CVSS vector Magento Bug ID CVE number(s) XML Injection (aka Blind XPath Injection) (CWE-91) Arbitrary code execution Critical Yes Yes 9.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H PRODSECBUG-3095 CVE-2022-34253 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) Arbitrary code execution Critical Yes Yes 8.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N PRODSECBUG-3081 CVE-2022-34254 Improper Input Validation (CWE-20) Privilege escalation Critical Yes Yes 8.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L PRODSECBUG-3082 CVE-2022-34255 Improper Authorization (CWE-285) Privilege escalation Critical Yes Yes 8.2 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N PRODSECBUG-3093 CVE-2022-34256 Cross-site Scripting (Stored XSS) (CWE-79) Arbitrary code execution Important Yes Yes 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N PRODSECBUG-3079 CVE-2022-34257 Cross-site Scripting (Stored XSS) (CWE-79) Arbitrary code execution Moderate Yes Yes 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N PRODSECBUG-3080 CVE-2022-34258 Improper Access Control (CWE-284) Security feature bypass Important Yes Yes 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L PRODSECBUG-3180 CVE-2022-34259 Adobe would like to thank the following researchers for reporting this issue and working with Adobe to help protect our customers: zb3 (zb3) -- CVE-2022-34253, CVE-2022-34255, CVE-2022-34256 Edgar Boda-Majer (eboda) - CVE-2022-34254, CVE-2022-34257 Salman Khan (salmanbabuzai) - CVE-2022-34258 Axel Flamcourt (axfla) - CVE-2022-34259 For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com. ========================================================+ CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + ======================================================= --------------aXvl7H9jQH2oemFXadlKIih1--