CVE-2020-15109

{"id": "CVE-2020-15109", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-08-04T23:15:10.347", "references": [{"url": "https://gist.github.com/kennyadsl/4618cd9797984cb64f7700a81bda889d", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/solidusio/solidus/security/advisories/GHSA-3mvg-rrrw-m7ph", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://gist.github.com/kennyadsl/4618cd9797984cb64f7700a81bda889d", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/solidusio/solidus/security/advisories/GHSA-3mvg-rrrw-m7ph", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zone are impacted. This problem comes from how checkout permitted attributes are structured. We have a single list of attributes that are permitted across the whole checkout, no matter the step that is being submitted. See the linked reference for more information. As a workaround, if it is not possible to upgrade to a supported patched version, please use this gist in the references section."}, {"lang": "es", "value": "En solidus versiones anteriores a 2.8.6, 2.9.6 y 2.10.2, se presenta la posibilidad de cambiar la direcci\u00f3n del pedido sin activar comprobaciones de direcci\u00f3n. Esta vulnerabilidad permite a un cliente malicioso crear datos de petici\u00f3n con par\u00e1metros que permitan cambiar la direcci\u00f3n del pedido actual sin cambiar los costos de env\u00edo asociados con el nuevo env\u00edo. Todas las tiendas con al menos dos zonas de env\u00edo y diferentes costos de env\u00edo por zona est\u00e1n afectadas. Este problema proviene de c\u00f3mo se estructuran los atributos permitidos de pago. Tenemos una lista \u00fanica de atributos que est\u00e1n permitidos en todo el proceso de pago, sin importar el paso que esta siendo enviado. Consulte la referencia vinculada para m\u00e1s informaci\u00f3n. Como una soluci\u00f3n alternativa, si no es posible actualizar a una versi\u00f3n parcheada compatible, use esta esencia en la secci\u00f3n de referencias"}], "lastModified": "2024-11-21T05:04:49.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nebulab:solidus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AE5C6C1-50C2-4D8A-A1A1-1679BF2BD616", "versionEndExcluding": "2.8.6"}, {"criteria": "cpe:2.3:a:nebulab:solidus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83119E07-1C20-4CD2-8561-2B6AF76A460C", "versionEndExcluding": "2.9.6", "versionStartIncluding": "2.9.0"}, {"criteria": "cpe:2.3:a:nebulab:solidus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57EEBC07-382C-4A07-965F-CD2FB7110CC9", "versionEndExcluding": "2.10.2", "versionStartIncluding": "2.10.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}