VDB
BIT-magento-2024-34103
BIT-magento-2024-34103
PUBLISHED
CVSS 8.100000381469727 HIGH
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | magento | 2.4.7-alpha0, 2.4.6-alpha0, 2.4.5-alpha0 |
Timeline
- Jun 17, 2024 CVE Published
- Aug 7, 2024 CVE Updated