Magento versions 2.4.1 and earlier are vulnerable to insecure direct object reference (IDOR) in product module
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
Prion | Authentication flaw | 11 Feb 202120:15 | – | prion |
OSV | BIT-magento-2021-21022 | 6 Mar 202411:00 | – | osv |
OSV | CVE-2021-21022 | 11 Feb 202120:15 | – | osv |
OSV | Magento Insecure Direct Object Reference (IDOR) in the product module | 24 May 202217:41 | – | osv |
Cvelist | CVE-2021-21022 Magento Commerce Incorrect permissions Could Lead To Unauthorized Access | 11 Feb 202119:29 | – | cvelist |
NVD | CVE-2021-21022 | 11 Feb 202120:15 | – | nvd |
Github Security Blog | Magento Insecure Direct Object Reference (IDOR) in the product module | 24 May 202217:41 | – | github |
Adobe | APSB21-08 Security updates available for Magento | 9 Feb 202100:00 | – | adobe |
[
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.4.0-p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]
Source | Link |
---|---|
helpx | www.helpx.adobe.com/security/products/magento/apsb21-08.html |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo