5 matches found
CVE-2025-27207
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized re...
CVE-2024-34104 Adobe Commerce | Improper Authorization (CWE-285)
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both...
PT-2023-2050 · Adobe · Commerce
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.4-p2 and earlier Adobe Commerce versions 2.4.5-p1 and earlier Description: The issue is related to errors in processing XML requests, which could allow a remote attacker to gain unauthorized access to protected...
PT-2022-6405 · Adobe · Commerce
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.4-p1 and earlier Adobe Commerce versions 2.4.5 and earlier Description: The issue is related to an Improper Access Control that could result in a Security feature bypass. An attacker could leverage this vulnerabili...
PT-2022-4402 · Adobe · Commerce
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.3-p2 and earlier Adobe Commerce versions 2.3.7-p3 and earlier Adobe Commerce versions 2.4.4 and earlier Description: The issue is related to an Improper Access Control that could result in a Security feature bypass...