There was a new security patch – SUPEE-6482 – released on 04/Aug/2015. I would like to know what possible attacks could affect an unpatched shop, and what is the worst that could happen?
The patch – SUPEE-6482 addresses 4 issues with both products. Instead, the patch addresses 2 issues with Community Edition and 4 issues with Enterprise Edition.
Issues addressed with the patch, by version:

Magento Community Edition
- Autoloaded File Inclusion in Magento SOAP API
  Incorrect validation of a SOAP API request makes it possible to autoload code. The exploit requires the attacker to first log in with API credentials. Depending on the PHP version and/or configuration settings, code can then be loaded from a remote location.
- SSRF Vulnerability in WSDL File
  Incorrect encoding of API password can lead to probing internal network resources or remote file inclusion.

Magento Enterprise Edition
- Autoloaded File Inclusion in Magento SOAP API
  Incorrect validation of a SOAP API request makes it possible to autoload code. The exploit requires the attacker to first log in with API credentials. Depending on the PHP version and/or configuration settings, code can then be loaded from a remote location.
- SSRF Vulnerability in WSDL File
  Incorrect encoding of API password can lead to probing internal network resources or remote file inclusion.
- Cross-site Scripting Using Unvalidated Headers
  Unvalidated host header leaks into response and page. Because the page can be cached, this leak poses a risk for all store customers because any HTML or JavaScript code can be injected. Such an exploit works only with specific server configurations, and allows an attacker to intercept a session or modify a page with fake credit card forms, etc.
- XSS in Gift Registry Search
  Cross-site scripting vulnerability affects registered users. Attack through unescaped search parameter. Risk of cookie theft and impersonating as the user.
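As a defence-in-depth illustration for the "Unvalidated Headers" item above, the sketch below only lets an allowlisted Host value reach URL building or a shared page cache. It is an added example, not code from Magento, the patch, or the answer; the hostnames and the names `ALLOWED_HOSTS`, `CANONICAL_HOST`, `normalize_host`, `host_for_response` and `is_cacheable` are assumptions made for the illustration.

```python
import re

# Hostnames this shop actually serves (constructed sample values, an assumption).
ALLOWED_HOSTS = {"shop.example.com", "www.shop.example.com"}
CANONICAL_HOST = "shop.example.com"

# Hostname labels of letters, digits and hyphens, with an optional :port.
# Anything else (quotes, angle brackets, spaces, CR/LF) fails the match.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOST_RE = re.compile(
    r"(?P<name>" + _LABEL + r"(?:\." + _LABEL + r")*)(?::(?P<port>[0-9]{1,5}))?"
)


def normalize_host(raw):
    """Return the lower-cased hostname from a Host header, or None if malformed."""
    if raw is None:
        return None
    match = _HOST_RE.fullmatch(raw.strip().lower())
    if match is None:
        return None
    port = match.group("port")
    if port is not None and not 0 < int(port) <= 65535:
        return None
    return match.group("name")


def host_for_response(raw, allowed=ALLOWED_HOSTS, fallback=CANONICAL_HOST):
    """Host to use when building URLs; an unlisted value is never echoed back."""
    name = normalize_host(raw)
    return name if name in allowed else fallback


def is_cacheable(raw, allowed=ALLOWED_HOSTS):
    """Store a page in a shared cache only if the request Host was allowlisted."""
    return normalize_host(raw) in allowed
```

The same allowlist is usually enforced first at the web server or reverse proxy, so that requests carrying an unknown Host never reach the application or its cache.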