← Volver a CVEs
CVE-2024-45118
MEDIUM6.5
Descripcion
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.
Detalles CVE
Puntuacion CVSS v3.16.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado10/10/2024
Ultima modificacion10/10/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
adobe:commerceadobe:commerce_b2badobe:magento
Debilidades (CWE)
CWE-284
Referencias
https://helpx.adobe.com/security/products/magento/apsb24-73.html(psirt@adobe.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.