Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Magento Observable Differences in Behavior to Error Inputs Vulnerability - CVE-2020-9588 - Vulnerability Database
Magento

Magento Observable Differences in Behavior to Error Inputs Vulnerability - CVE-2020-9588

High
Reference: CVE-2020-9588
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-9588
Title: Magento Observable Differences in Behavior to Error Inputs Vulnerability
Overview:

Magento versions 2.3.4 and earlier 2.2.11 and earlier (see note) 1.14.4.4 and earlier and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.