Vulnerabilities > CVE-2023-34099 - Improper Check for Unusual or Exceptional Conditions vulnerability in Shopware

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

shopware

CWE-754

NVD

Published: 2023-06-27

Updated: 2023-07-06

Summary

Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Shopware Shopware Shopware 5.1.4 Shopware Shopware 5.1.5 Shopware Shopware 5.1.6 Shopware Shopware 5.2.0 Shopware Shopware 5.2.1 Shopware Shopware 5.2.2 Shopware Shopware 5.2.3 Shopware Shopware 5.2.4 Shopware Shopware 5.2.5 Shopware Shopware 5.2.6 Shopware Shopware 5.2.7 Shopware Shopware 5.2.8 Shopware Shopware 5.2.9 Shopware Shopware 5.2.10 Shopware Shopware 5.2.11 Shopware Shopware 5.2.12 Shopware Shopware 5.2.13 Shopware Shopware 5.2.14 Shopware Shopware 5.2.15 Shopware Shopware 5.2.16 Shopware Shopware 5.2.17 Shopware Shopware 5.2.18 Shopware Shopware 5.2.19 Shopware Shopware 5.2.20 Shopware Shopware 5.2.21 Shopware Shopware 5.2.22 Shopware Shopware 5.2.23 Shopware Shopware 5.2.24 Shopware Shopware 5.2.25 Shopware Shopware 5.2.26 Shopware Shopware 5.2.27 Shopware Shopware 5.3.0 Shopware Shopware 5.3.1 Shopware Shopware 5.3.2 Shopware Shopware 5.3.3 Shopware Shopware 5.3.4 Shopware Shopware 5.3.5 Shopware Shopware 5.3.6 Shopware Shopware 5.3.7 Shopware Shopware 5.4.0 Shopware Shopware 5.4.1 Shopware Shopware 5.4.2 Shopware Shopware 5.4.3 Shopware Shopware 5.4.4 Shopware Shopware 5.4.5 Shopware Shopware 5.4.6 Shopware Shopware 5.5.0 Shopware Shopware 5.5.1 Shopware Shopware 5.5.2 Shopware Shopware 5.5.3 Shopware Shopware 5.5.4 Shopware Shopware 5.5.5 Shopware Shopware 5.5.6 Shopware Shopware 5.5.7 Shopware Shopware 5.5.8 Shopware Shopware 5.5.9 Shopware Shopware 5.5.10 Shopware Shopware 5.6.0 Shopware Shopware 5.6.1 Shopware Shopware 5.6.2 Shopware Shopware 5.6.3 Shopware Shopware 5.6.4 Shopware Shopware 5.6.5 Shopware Shopware 5.6.6 Shopware Shopware 5.6.7 Shopware Shopware 5.6.8 Shopware Shopware 5.6.9 Shopware Shopware 5.6.10 Shopware Shopware 5.7.0 Shopware Shopware 5.7.1 Shopware Shopware 5.7.2 Shopware Shopware 5.7.3 Shopware Shopware 5.7.4 Shopware Shopware 5.7.5 Shopware Shopware 5.7.6 Shopware Shopware 5.7.7 Shopware Shopware 5.7.8 Shopware Shopware 5.7.9 Shopware Shopware 5.7.10 Shopware Shopware 5.7.11 Shopware Shopware 5.7.12 Shopware Shopware 5.7.13 Shopware Shopware 5.7.14 Shopware Shopware 5.7.15	92

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References