CVE-2025-24427

Medium CVSS: 6.5

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.

Vendor

Adobe

Product

Commerce

CWE

CWE-284

Yayın Tarihi

2025-02-11 18:15:45

Güncelleme

2025-04-17 15:44:59

Source Identifier

psirt@adobe.com

KEV Date Added

Kategoriler

CWE-284 Commerce MEDIUM Adobe 2025

Referanslar

https://helpx.adobe.com/security/products/magento/apsb25-08.html

Benzer Kayıtlar

High

CVE-2026-27309

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbi…

High

CVE-2026-21361

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a…

Medium

CVE-2026-21360

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…

Medium

CVE-2026-21359

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…

High

CVE-2026-21311

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a…

Medium

CVE-2026-21310

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…