aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to manage own services via GraphQL API which isn't allowed in the JQAdm front end. Versions 2022.10.10, 2023.10.6, and 2024.4.2 contain a patch for the issue.
References
Configurations
No configuration.
History
03 Jul 2024, 12:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Jul 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-02 21:15
Updated : 2024-07-03 12:53
NVD link : CVE-2024-39324
Mitre link : CVE-2024-39324
CVE.ORG link : CVE-2024-39324
JSON object : View
Products Affected
No product.