Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-29287

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak minor user data. Exploitation of this issue does not require user interaction..

Published

2023-06-15T19:15:10.603

Last Modified

2024-11-21T07:56:48.080

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.3.7 Yes
Application adobe commerce 2.4.0 Yes
Application adobe commerce 2.4.0 Yes
Application adobe commerce 2.4.0 Yes
Application adobe commerce 2.4.1 Yes
Application adobe commerce 2.4.1 Yes
Application adobe commerce 2.4.1 Yes
Application adobe commerce 2.4.2 Yes
Application adobe commerce 2.4.2 Yes
Application adobe commerce 2.4.2 Yes
Application adobe commerce 2.4.3 Yes
Application adobe commerce 2.4.3 Yes
Application adobe commerce 2.4.3 Yes
Application adobe commerce 2.4.4 Yes
Application adobe commerce 2.4.4 Yes
Application adobe commerce 2.4.4 Yes
Application adobe commerce 2.4.4 Yes
Application adobe commerce 2.4.5 Yes
Application adobe commerce 2.4.5 Yes
Application adobe commerce 2.4.5 Yes
Application adobe commerce 2.4.6 Yes
Application adobe magento 2.4.4 Yes
Application adobe magento 2.4.4 Yes
Application adobe magento 2.4.4 Yes
Application adobe magento 2.4.4 Yes
Application adobe magento 2.4.5 Yes
Application adobe magento 2.4.5 Yes
Application adobe magento 2.4.5 Yes
Application adobe magento 2.4.6 Yes
References