Detections
Analytics
Magento Unsupported Version
critical Web App Scanning Plugin ID 112520
Language:
Synopsis
Magento Unsupported VersionDescription
The installation of Magento detected on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.Solution
Upgrade to a supported version of Magento.See Also
https://magento.com/blog/magento-news/supporting-magento-1-through-june-2020
https://magento.com/sites/default/files/magento-software-lifecycle-policy.pdf
Plugin Details
Severity: Critical
ID: 112520
Type: remote
Family: Component Vulnerability
Published: 6/30/2020
Updated: 1/11/2024
Scan Template: api, basic, full, pci, scan
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: Tenable
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS Score Source: Tenable
Reference Information
CWE: 16
OWASP: 2010-A6, 2013-A5, 2013-A9, 2017-A6, 2017-A9, 2021-A5, 2021-A6
WASC: Application Misconfiguration
DISA STIG: APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.14.2.5
NIST: sp800_53-CM-6b
OWASP API: 2019-API7, 2023-API8
OWASP ASVS: 4.0.2-14.2.1
PCI-DSS: 3.2-6.2