CVE-2024-47173

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-47173
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w
Configurations

No configuration.

History

25 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) Aimeos es un framework de comercio electrónico. Todas las configuraciones de SaaS y de mercado que utilizan la interfaz de administración de la API GraphQL de Aimeos, desde la versión 2024.04 hasta la 2024.07.1, se ven afectadas por un posible ataque de denegación de servicio. La versión 2024.07.2 soluciona el problema.

24 Oct 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-24 19:15

Updated : 2024-10-25 12:56

NVD link : CVE-2024-47173

Mitre link : CVE-2024-47173

CVE.ORG link : CVE-2024-47173

JSON object : View

Products Affected

No product.

CWE
CWE-270

Privilege Context Switching Error


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024