ГлавнаяУязвимости → CVE-2024-45148
8.8высокая

CVE-2024-45148

Описание

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to gain unauthorized access without proper credentials. Exploitation of this issue does not require user interaction.

Затрагиваемое ПО
Adobe CommerceAdobe Commerce b2bAdobe Magento
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://helpx.adobe.com/security/products/magento/apsb24-73.html