Описание
Magento Open Source allows Improper Access Control
Adobe Commerce versions 2.4.3-p3 (and earlier), 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.
Пакеты
magento/community-edition
= 2.4.4-p1
2.4.4-p2
magento/community-edition
= 2.4.4
Отсутствует
magento/community-edition
= 2.4.5
Отсутствует
magento/community-edition
>= 2.4.3-p1, <= 2.4.3-p3
Отсутствует
magento/community-edition
= 2.4.3
Отсутствует
magento/project-community-edition
<= 2.0.2
Отсутствует
Связанные уязвимости
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.
Уязвимость программных платформ для разработки и управления онлайн магазинами Magento Open Source и Adobe Commerce, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности