← Zuruck zu CVEs
CVE-2025-27206
MEDIUM5.3
Beschreibung
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.
CVE Details
CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht6/10/2025
Zuletzt geandert6/23/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
adobe:commerceadobe:commerce_b2badobe:magento
Schwachen (CWE)
CWE-284
Referenzen
https://helpx.adobe.com/security/products/magento/apsb25-50.html(psirt@adobe.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.