BIT-magento-2024-34107

BIT-magento-2024-34107 PUBLISHED CVSS 5.300000190734863 MEDIUM

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and view minor unauthorised information. Exploitation of this issue does not require user interaction.

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
Bitnami	magento	2.4.7-alpha0, 2.4.6-alpha0, 2.4.5-alpha0

Timeline

Jun 17, 2024 CVE Published
Feb 26, 2025 CVE Updated

References

https://helpx.adobe.com/security/products/magento/apsb24-40.html url

Open in Interactive Console →