Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required and scope is changed.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/magento/apsb24-40.html | Vendor Advisory |
https://helpx.adobe.com/security/products/magento/apsb24-40.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 09:18
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
References | () https://helpx.adobe.com/security/products/magento/apsb24-40.html - Vendor Advisory |
07 Aug 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required and scope is changed. |
09 Jul 2024, 15:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
First Time |
Adobe commerce Webhooks
Adobe Adobe commerce Adobe magento |
|
References | () https://helpx.adobe.com/security/products/magento/apsb24-40.html - Vendor Advisory | |
CPE | cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.3:ext-2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.3:ext-3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.2:ext-2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce_webhooks:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.2:ext-3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:* cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:* cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.2:ext-1:*:*:*:*:*:* cpe:2.3:a:adobe:commerce:2.4.3:ext-1:*:*:*:*:*:* |
13 Jun 2024, 18:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
13 Jun 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-13 09:15
Updated : 2024-11-21 09:18
NVD link : CVE-2024-34108
Mitre link : CVE-2024-34108
CVE.ORG link : CVE-2024-34108
JSON object : View
Products Affected
adobe
- commerce
- commerce_webhooks
- magento
CWE
CWE-20
Improper Input Validation