Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.

The version of Adobe Commerce/Magento Open Source installed on the remote host falls within one of the following ranges   2.4.7 < 2.4.7-p1 (Adobe Commerce) / 2.4.6 < 2.4.6-p6 (Adobe Commerce) / 2.4.5 < 2.4.5-p8 (Adobe Commerce)   / 2.4.4 < 2.4.4-p9 (Adobe Commerce) / 2.4.3 < 2.4.3-ext-8 (Adobe Commerce) / 2.4.2 < 2.4.2-ext-8 (Adobe Commerce) /   2.4.7 < 2.4.7-p1 (Magento Open Source) / 2.4.6 < 2.4.6-p6 (Magento Open Source) / 2.4.5 < 2.4.5-p8 (Magento Open Source)   and  2.4.4 < 2.4.4-p9 (Magento Open Source) 

 It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-40 advisory.

  - Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of     XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker     could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation     of this issue does not require user interaction. (CVE-2024-34102)

  - Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request     Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker     can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue     does not require user interaction. (CVE-2024-34111)

  - Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication     vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain     unauthorized access or elevated privileges within the application. Exploitation of this issue does not require     user interaction, but attack complexity is high. (CVE-2024-34103)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Magento application running on the remote web server is affected by an XML external entity injection (XXE) vulnerability due to improper parsing of XML data with nested deserialization. A remote, unauthenticated attacker can exploit this vulnerability, via HTTP, to execute arbitrary code on the remote host.

Adobe Magento Open Source / Commerce versions 2.4.7 < 2.4.7-p1, 2.4.6 < 2.4.6-p6, 2.4.5 < 2.4.5-p8, 2.4.4 < 2.4.4-p9 and earlier suffer from an XML External Entity (XXE) vulnerability. By exploiting this vulnerability and crafting a malicious XML document, a remote and unauthenticated attacker could achieve Remote Code Execution (RCE) on the vulnerable Magento instance.

ID	Name	Product	Family	Severity
242634	Adobe Commerce/Magento Open Source Multiple Vulnerabilities (APSB24-40)	Nessus	Misc.	critical
206274	Magento XXE (CVE-2024-34102)	Nessus	CGI abuses	critical
114325	Adobe Commerce / Magento XML External Entity Injection (CosmicSting)	Web App Scanning	Component Vulnerability	critical

Detections

Analytics

CVE-2024-34102

critical

Tenable Plugins

critical

critical

critical