CVE-2025-27190

🗓️ 08 Apr 2025 20:17:12Reported by adobeType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 65 Views

Improper Access Control in Adobe Commerce could allow attackers unauthorized access without user interaction.

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions.	23 Apr 202500:00	–	bdu_fstec
Circl	CVE-2025-27190	9 Apr 202500:02	–	circl
CNNVD	Adobe Commerce 访问控制错误漏洞	8 Apr 202500:00	–	cnnvd
CNVD	Adobe Commerce Access Control Error Vulnerability (CNVD-2025-08783)	18 Apr 202500:00	–	cnvd
Cvelist	CVE-2025-27190 Adobe Commerce \| Improper Access Control (CWE-284)	8 Apr 202520:17	–	cvelist
EUVD	EUVD-2025-14841	3 Oct 202520:07	–	euvd
Github Security Blog	Magento Improper Access Control leads to Security feature bypass	8 Apr 202521:31	–	github
NVD	CVE-2025-27190	8 Apr 202521:15	–	nvd
OSV	GHSA-6WQ7-CG9H-MJ6Q Magento Improper Access Control leads to Security feature bypass	8 Apr 202521:31	–	osv
Positive Technologies	PT-2025-15648 · Adobe · Commerce	8 Apr 202500:00	–	ptsecurity

NVD

Vulners

Node

adobe commerceMatch2.4.4-

adobe commerceMatch2.4.4p1

adobe commerceMatch2.4.4p10

adobe commerceMatch2.4.4p11

adobe commerceMatch2.4.4p12

adobe commerceMatch2.4.4p2

adobe commerceMatch2.4.4p3

adobe commerceMatch2.4.4p4

adobe commerceMatch2.4.4p5

adobe commerceMatch2.4.4p6

adobe commerceMatch2.4.4p7

adobe commerceMatch2.4.4p8

adobe commerceMatch2.4.4p9

adobe commerceMatch2.4.5-

adobe commerceMatch2.4.5p1

adobe commerceMatch2.4.5p10

adobe commerceMatch2.4.5p11

adobe commerceMatch2.4.5p2

adobe commerceMatch2.4.5p3

adobe commerceMatch2.4.5p4

adobe commerceMatch2.4.5p5

adobe commerceMatch2.4.5p6

adobe commerceMatch2.4.5p7

adobe commerceMatch2.4.5p8

adobe commerceMatch2.4.5p9

adobe commerceMatch2.4.6-

adobe commerceMatch2.4.6p1

adobe commerceMatch2.4.6p2

adobe commerceMatch2.4.6p3

adobe commerceMatch2.4.6p4

adobe commerceMatch2.4.6p5

adobe commerceMatch2.4.6p6

adobe commerceMatch2.4.6p7

adobe commerceMatch2.4.6p8

adobe commerceMatch2.4.6p9

adobe commerceMatch2.4.7-

adobe commerceMatch2.4.7b1

adobe commerceMatch2.4.7b2

adobe commerceMatch2.4.7beta3

adobe commerceMatch2.4.7p1

adobe commerceMatch2.4.7p2

adobe commerceMatch2.4.7p3

adobe commerceMatch2.4.7p4

adobe commerceMatch2.4.8beta2

Node

adobe commerce_b2bMatch1.3.3-

adobe commerce_b2bMatch1.3.3p10

adobe commerce_b2bMatch1.3.3p11

adobe commerce_b2bMatch1.3.3p12

adobe commerce_b2bMatch1.3.4-

adobe commerce_b2bMatch1.3.4p10

adobe commerce_b2bMatch1.3.4p11

adobe commerce_b2bMatch1.3.4p12

adobe commerce_b2bMatch1.3.4p9

adobe commerce_b2bMatch1.3.5-

adobe commerce_b2bMatch1.3.5p10

adobe commerce_b2bMatch1.3.5p7

adobe commerce_b2bMatch1.3.5p8

adobe commerce_b2bMatch1.3.5p9

adobe commerce_b2bMatch1.4.2-

adobe commerce_b2bMatch1.4.2p1

adobe commerce_b2bMatch1.4.2p2

adobe commerce_b2bMatch1.4.2p3

adobe commerce_b2bMatch1.4.2p4

adobe commerce_b2bMatch1.5.1-

Node

adobe magentoMatch2.4.4-open_source

adobe magentoMatch2.4.4p1open_source

adobe magentoMatch2.4.4p10open_source

adobe magentoMatch2.4.4p11open_source

adobe magentoMatch2.4.4p12open_source

adobe magentoMatch2.4.4p2open_source

adobe magentoMatch2.4.4p3open_source

adobe magentoMatch2.4.4p4open_source

adobe magentoMatch2.4.4p5open_source

adobe magentoMatch2.4.4p6open_source

adobe magentoMatch2.4.4p7open_source

adobe magentoMatch2.4.4p8open_source

adobe magentoMatch2.4.4p9open_source

adobe magentoMatch2.4.5-open_source

adobe magentoMatch2.4.5p1open_source

adobe magentoMatch2.4.5p10open_source

adobe magentoMatch2.4.5p11open_source

adobe magentoMatch2.4.5p2open_source

adobe magentoMatch2.4.5p3open_source

adobe magentoMatch2.4.5p4open_source

adobe magentoMatch2.4.5p5open_source

adobe magentoMatch2.4.5p6open_source

adobe magentoMatch2.4.5p7open_source

adobe magentoMatch2.4.5p8open_source

adobe magentoMatch2.4.5p9open_source

adobe magentoMatch2.4.6-open_source

adobe magentoMatch2.4.6p1open_source

adobe magentoMatch2.4.6p2open_source

adobe magentoMatch2.4.6p3open_source

adobe magentoMatch2.4.6p4open_source

adobe magentoMatch2.4.6p5open_source

adobe magentoMatch2.4.6p6open_source

adobe magentoMatch2.4.6p7open_source

adobe magentoMatch2.4.6p8open_source

adobe magentoMatch2.4.6p9open_source

adobe magentoMatch2.4.7-open_source

adobe magentoMatch2.4.7b1open_source

adobe magentoMatch2.4.7b2open_source

adobe magentoMatch2.4.7beta3open_source

adobe magentoMatch2.4.7p1open_source

adobe magentoMatch2.4.7p2open_source

adobe magentoMatch2.4.7p3open_source

adobe magentoMatch2.4.7p4open_source

adobe magentoMatch2.4.8beta2open_source

[
  {
    "defaultStatus": "affected",
    "product": "Adobe Commerce",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "2.4.8-beta2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/magento/apsb25-26.html

23 Jun 2025 19:30Current

7.1High risk

Vulners AI Score7.1

CVSS 3.15.3

EPSS0.00266

SSVC

CWE-284