Improper access control

2023-03-2721:15:00

PRIOn knowledge base

www.prio-n.com

adobe commerce

2.4.4-p2

2.4.5-p1

improper access control vulnerability

security feature bypass

user's minor feature

exploitation

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.1%

JSON

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user’s minor feature. Exploitation of this issue does not require user interaction.

CPENameOperatorVersion
commerceeq2.4.4
commerceeq2.4.5
commerceeq2.4.4 p1
commercelt2.4.4
commerceeq2.4.5 p1
commerceeq2.4.4 p2
magento_open_sourcelt2.4.4
magento_open_sourceeq2.4.5
magento_open_sourceeq2.4.4 p1
magento_open_sourceeq2.4.4

Name	Operator	Version
commerce	eq	2.4.4
commerce	eq	2.4.5
commerce	eq	2.4.4 p1
commerce	lt	2.4.4
commerce	eq	2.4.5 p1
commerce	eq	2.4.4 p2
magento_open_source	lt	2.4.4
magento_open_source	eq	2.4.5
magento_open_source	eq	2.4.4 p1
magento_open_source	eq	2.4.4