ГлавнаяУязвимости → CVE-2025-43586
8.1высокая

CVE-2025-43586

Описание

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized elevated access. Exploitation of this issue does not require user interaction.

Затрагиваемое ПО
Adobe CommerceAdobe Commerce b2bAdobe Magento
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Источники
https://helpx.adobe.com/security/products/magento/apsb25-50.html