How severe is CVE-2019-8232?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2019-8232?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2019-8232

MEDIUM Year: 2019

CVSS v3 Score

6.6

Medium

CVSS v2 Score

6.0

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification.

CVE-2018-19370

MEDIUM

CVSS:6.6(Medium)

A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execu...

CWE-3622018

CVE-2019-19580

MEDIUM

CVSS:6.6(Medium)

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an inco...

CWE-3622019