BIT-magento-2024-34109

BIT-magento-2024-34109 PUBLISHED CVSS 7.199999809265137 HIGH

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required.

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Bitnami	magento	2.4.7-alpha0, 2.4.6-alpha0, 2.4.5-alpha0

Timeline

Jun 17, 2024 CVE Published
Jul 18, 2024 CVE Updated

References

https://helpx.adobe.com/security/products/magento/apsb24-40.html url

Open in Interactive Console →