Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.
2023-08-09T08:15:09.660
2024-11-21T08:13:05.447
Modified
CVSSv3.1: 6.5 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | adobe | commerce | < 2.4.4 | Yes |
Application | adobe | commerce | 2.4.4 | Yes |
Application | adobe | commerce | 2.4.4 | Yes |
Application | adobe | commerce | 2.4.4 | Yes |
Application | adobe | commerce | 2.4.4 | Yes |
Application | adobe | commerce | 2.4.4 | Yes |
Application | adobe | commerce | 2.4.5 | Yes |
Application | adobe | commerce | 2.4.5 | Yes |
Application | adobe | commerce | 2.4.5 | Yes |
Application | adobe | commerce | 2.4.5 | Yes |
Application | adobe | commerce | 2.4.6 | Yes |
Application | adobe | commerce | 2.4.6 | Yes |