CVE-2024-39413

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 14, 2024

CWE ID 285

Summary

CVE-2024-39413 is a newly disclosed Improper Authorization vulnerability that puts Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and older at risk. This issue allows a low-privileged attacker to bypass crucial security measures without user interaction, potentially disclosing minor information. The vulnerability, which is not dependent on user input, poses a significant threat to the affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Commerce

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wowFvq
https://www.cve.org/CVERecord?id=CVE-2024-39413
https://nvd.nist.gov/vuln/detail/CVE-2024-39413

Back to Vulnerability Database