CVE-2023-22731

2023-01-1722:15:10

CWE-94

[email protected]

web.nvd.nist.gov

shopware

cve-2023-22731

twig

php

symfony

vue js

vulnerability

security

update

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.4%

JSON

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment without the Sandbox extension, it is possible to refer to PHP functions in twig filters like map, filter, sort. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.

Affected configurations

Vulners

NVD

Node

shopwareshopwareRange<6.4.18.1

VendorProductVersionCPE
shopwareshopware*cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
shopware	shopware	*	cpe:2.3:a:shopware:shopware::::::::

CNA Affected

[
  {
    "vendor": "shopware",
    "product": "platform",
    "versions": [
      {
        "version": "< 6.4.18.1",
        "status": "affected"
      }
    ]
  }
]