{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T22:20:21.525","vulnerabilities":[{"cve":{"id":"CVE-2019-8232","sourceIdentifier":"psirt@adobe.com","published":"2019-11-06T00:15:13.203","lastModified":"2024-11-21T04:49:32.337","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification."},{"lang":"es","value":"En Magento versiones anteriores a la versión  1.9.4.3, Magento versiones anteriores a la versión  1.14.4.3, Magento versiones 2.2 anteriores a 2.2.10 y Magento versiones 2.3 anteriores a 2.3.3 o 2.3.2-p1, un usuario autenticado con privilegios administrativos para la funcionalidad de importación puede ejecutar código arbitrario por medio de una condición de carrera que permite la modificación del archivo de configuración del servidor web."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*","versionStartIncluding":"1.5.0.0","versionEndExcluding":"1.9.4.3","matchCriteriaId":"D463F1B6-7A1A-45A6-A2B4-654FAFD0E231"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*","versionStartIncluding":"1.9.0.0","versionEndExcluding":"1.14.4.3","matchCriteriaId":"795C485A-D4B2-4B67-9766-D00BC6BE7FA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*","versionStartIncluding":"2.2.0","versionEndExcluding":"2.2.10","matchCriteriaId":"24318637-C95B-4811-87F5-14A6F4EDE2EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*","versionStartIncluding":"2.2.0","versionEndExcluding":"2.2.10","matchCriteriaId":"A06CF88F-F067-4058-9306-864FEA3D7062"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*","versionStartIncluding":"2.3.0","versionEndExcluding":"2.3.2","matchCriteriaId":"B720D2FA-A6FD-49A3-8B78-07993560081D"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*","versionStartIncluding":"2.3.0","versionEndExcluding":"2.3.2","matchCriteriaId":"6B8C5A27-2957-4373-B0FE-8C7585B4B04E"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:2.3.2:-:*:*:commerce:*:*:*","matchCriteriaId":"ED7EB5B4-33F4-4389-BCA4-50A113F8C719"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:2.3.2:-:*:*:open_source:*:*:*","matchCriteriaId":"465133F9-0BFE-491E-8FE8-A263F9E2FC1D"}]}]}],"references":[{"url":"https://magento.com/security/patches/supee-11219","source":"psirt@adobe.com","tags":["Vendor Advisory"]},{"url":"https://magento.com/security/patches/supee-11219","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}