Description
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to admin panel.
Remediation
References
Related Vulnerabilities
PHP Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2004-0594)
WordPress Plugin Plainview Activity Monitor Remote Command Execution (20161228)
WordPress Plugin Display Posts Shortcode Unspecified Vulnerability (1.9)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)