CVE-2019-7855

A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*
cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*
cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*

History

No history.

Information

Published : 2019-08-02 22:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-7855

Mitre link : CVE-2019-7855

CVE.ORG link : CVE-2019-7855


JSON object : View

Products Affected

magento

  • magento
CWE
CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)