CVE-2021-21032: Magento vulnerability

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful exploitation.

How to mitigate CVE-2021-21032

Time needed: 5 minutes.

Follow the instructions, as they will assist you in mitigating the Magento vulnerability that been reported in CVE-2021-21032.

  1. Install the latest version of Magento

    Navigate to the official Magento website and download the latest version of Magento. The latest version contains the CVE-2021-21032 fix.
    Update to the latest version

  2. Perform a vulnerability assessment

    Perform a scan on your Magento environment(s), and check for vulnerabilities. Verify if CVE-2021-21032 has been mitigated.

  3. Utilize the references

    The CVE-2021-21032 references have been provided for a reason. Utilize these references and make sure that you are correctly informed.

References

  • helpx.adobe.com/security/products/magento/apsb21-08.html
  • helpx.adobe.com/security/products/magento/apsb21-08.html
  • Share this information