CVE-2024-39411

Summary

CVE-2024-39411 is a newly identified vulnerability affecting Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9, and older. This issue represents an Improper Authorization vulnerability, which enables a low-privileged attacker to bypass security measures without user interaction. Consequently, attackers could potentially disclose minor information. The impact of this vulnerability is significant, as it allows unauthorized access to sensitive data within the affected systems. Users are strongly encouraged to update their Adobe Commerce installations as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.