Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/magento/apsb25-50.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
23 Jun 2025, 19:25
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adobe commerce B2b
Adobe magento Adobe Adobe commerce |
|
CPE | cpe:2.3:a:adobe:magento:2.4.5:p11:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.8:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:p5:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:p5:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.3:p11:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.5:p8:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p10:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.5.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.4:p10:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.4:-:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.8:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p13:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.5:p7:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p12:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.4:p9:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p8:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p9:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p7:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p8:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.3:p12:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p10:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.3:p13:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p10:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.5:p10:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.4:p12:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.4:p11:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p7:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:beta3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.5:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.7:p3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p12:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p11:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p10:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.4.2:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p9:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce_b2b:1.3.5:p9:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p9:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p9:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:beta3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:* |
|
References | () https://helpx.adobe.com/security/products/magento/apsb25-50.html - Vendor Advisory |
12 Jun 2025, 16:06
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
10 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-10 16:15
Updated : 2025-06-23 19:25
NVD link : CVE-2025-27206
Mitre link : CVE-2025-27206
CVE.ORG link : CVE-2025-27206
JSON object : View
Products Affected
adobe
- commerce
- commerce_b2b
- magento
CWE
CWE-284
Improper Access Control