Miggo Logo

CVE-2020-13997: Shopware database password is leaked to an unauthenticated users

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.76729%
Published
5/24/2022
Updated
7/8/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
shopware/corecomposer>= 6.0.0, < 6.2.36.2.3
shopware/platformcomposer>= 6.0.0, < 6.2.36.2.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from two key components: 1) The database connection logic that includes credentials in error messages during connection failures, and 2) The error handling system that displays these raw error messages to end-users when verbose mode is active. The combination of these functions leads to credential exposure through unhandled exception messages containing database connection details. The patched version (6.2.3) likely added filtering/redaction in these components.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In S*opw*r* * ***or* *.*.*, t** **t***s* p*sswor* is l**k** to *n un*ut**nti**t** us*r w**n * *riv*r*x**ption o**urs *n* v*r*os* *rror **n*lin* is *n**l**. T*is vuln*r**ility *o*s not *****t t** s*opw*r* * r*l**s* *r*n** (`s*opw*r*/s*opw*r*` on p**k*

Reasoning

T** vuln*r**ility st*ms *rom two k*y *ompon*nts: *) T** **t***s* *onn**tion lo*i* t**t in*lu**s *r***nti*ls in *rror m*ss***s *urin* *onn**tion **ilur*s, *n* *) T** *rror **n*lin* syst*m t**t *ispl*ys t**s* r*w *rror m*ss***s to *n*-us*rs w**n v*r*os