CVE-2018-5763

An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 and 6.x before 6.0.1. By entering specially crafted URLs, an attacker is able to bring the shop server to a standstill and hence, it stops working. This is only valid if OXID High Performance Option is activated and Varnish is used.
References
Link Resource
https://oxidforge.org/en/security-bulletin-2018-001.html Mitigation Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:oxid-esales:eshop:6.0.0:rc1:*:*:enterprise:*:*:*
cpe:2.3:a:oxid-esales:eshop:6.0.0:rc2:*:*:enterprise:*:*:*
cpe:2.3:a:oxid-esales:eshop:6.0.0:rc3:*:*:enterprise:*:*:*
cpe:2.3:a:oxid-esales:eshop:6.0.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:oxid-esales:eshop:*:*:*:*:enterprise:*:*:*

Information

Published : 2018-02-19 09:29

Updated : 2018-03-20 05:26


NVD link : CVE-2018-5763

Mitre link : CVE-2018-5763

Products Affected
No products.
CWE