Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/magento/apsb23-50.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Dec 2023, 16:54
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-13 07:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-38218
Mitre link : CVE-2023-38218
CVE.ORG link : CVE-2023-38218
JSON object : View
Products Affected
adobe
- commerce
- magento
CWE
CWE-863
Incorrect Authorization