Lucene search

CVE-2021-21020

🗓️ 11 Feb 2021 20:14:15Reported by [email protected]Type

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier, and 2.3.6 and earlier are vulnerable to access control bypass in Login as Customer module, leading to unauthorized access

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2021-21020	11 Feb 202120:15	–	osv
OSV	Magento Improper Access Control	24 May 202217:41	–	osv
OSV	BIT-magento-2021-21020	6 Mar 202411:01	–	osv
CVE	CVE-2021-21020	11 Feb 202120:15	–	cve
Cvelist	CVE-2021-21020 Magento Commerce Improper Access Control Vulnerability	11 Feb 202119:29	–	cvelist
CNVD	Adobe Magento Access Control Bypass Vulnerability	10 Feb 202100:00	–	cnvd
Prion	Improper access control	11 Feb 202120:15	–	prion
Github Security Blog	Magento Improper Access Control	24 May 202217:41	–	github
Adobe	APSB21-08 Security updates available for Magento	9 Feb 202100:00	–	adobe

Nvd

Node

magento magentoRange<2.3.6commerce

magento magentoRange<2.3.6open_source

magento magentoMatch2.3.6-commerce

magento magentoMatch2.3.6-open_source

magento magentoMatch2.4.0-commerce

magento magentoMatch2.4.0-open_source

magento magentoMatch2.4.0p1commerce

magento magentoMatch2.4.0p1open_source

magento magentoMatch2.4.1-commerce

magento magentoMatch2.4.1-open_source

Source	Link
helpx	www.helpx.adobe.com/security/products/magento/apsb21-08.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Feb 2021 20:15Current

CVSS24.3

CVSS35.3

EPSS0.0019

CWE-284