VDB

BIT-magento-2024-34108

BIT-magento-2024-34108 PUBLISHED CVSS 9.100000381469727 CRITICAL

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required and scope is changed.

Risk Scores

CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
Bitnamimagento2.4.7-alpha0, 2.4.6-alpha0, 2.4.5-alpha0

Timeline

  • Jun 17, 2024 CVE Published
  • Feb 26, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›