Detections
Analytics
Magento Data Files
high Web App Scanning Plugin ID 98987
Language:
Synopsis
Magento Data FilesDescription
Magento data files have been detected on the target web application. These files may contain sensitive information about confidential customer's data.Solution
Magento data files should not be publicly available on Internet. Access to these files must be restricted or blocked.See Also
https://docs.magento.com/m1/ce/user_guide/magento/magento-security-best-practices.html
Plugin Details
Severity: High
ID: 98987
Type: remote
Family: Web Applications
Published: 4/13/2021
Updated: 9/7/2021
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
CVSS Score Source: Tenable
CVSS v3
Risk Factor: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS Score Source: Tenable
CVSS v4
Risk Factor: High
Base Score: 8.7
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score Source: Tenable