Miggo Logo
Miggo Vulnerability Database
CVE-2023-32064

CVE-2023-32064: OroCommerce Customer Portal Incorrect Customer and Customer Group Frontend Menus pages visibility

4.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-32064
GHSA ID
GHSA-8gwj-68w6-7v6c
EPSS Score
0.24382%
CWE
CWE-284
Published
11/27/2023
Updated
12/4/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
oro/customer-portalcomposer>= 4.2.0, <= 4.2.8
oro/customer-portalcomposer>= 5.0.0, < 5.0.115.0.11
oro/customer-portalcomposer>= 5.1.0, < 5.1.15.1.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

***k-o**i** us*rs **n ****ss in*orm*tion **out *ustom*r *n* *ustom*r Us*r m*nus, *yp*ssin* **L s**urity r*stri*tions *u* to insu**i*i*nt s**urity ****ks.

Reasoning

No *n*lysis *v*il**l*