CVE-2023-29293

CVSS 3.1 Score 2.7 of 10 (low)

Details

Published Jun 15, 2023

Updated: Jun 22, 2023

CWE ID 20

Summary

CVE-2023-29293 is a newly disclosed vulnerability affecting Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier, and 2.4.4-p3 and earlier. This issue involves improper input validation, which can lead to a security feature bypass. An attacker with admin privileges can exploit this vulnerability to impact the availability of a user's minor feature without requiring user interaction. This vulnerability poses a significant risk to the affected versions and requires immediate attention for patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Commerce

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roCFl_
https://www.cve.org/CVERecord?id=CVE-2023-29293
https://nvd.nist.gov/vuln/detail/CVE-2023-29293

Back to Vulnerability Database