Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2019-8124

An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Failure to track admin actions related to design configuration could lead to repudiation attacks.

  • Published: Nov 6, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-8124
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.9
  • AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
magento / magento 2.3.0 2.3.2
magento / magento 2.2.0 2.2.10
magento / magento 2.1.0 2.1.19
magento / magento 2.3.2 2.3.2.x