Vulnerabilities > CVE-2023-22250 - Unspecified vulnerability in Adobe Commerce and Magento Open Source

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

adobe

NVD

Published: 2023-03-27

Updated: 2024-11-21

Summary

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Commerce 2.4.4 Adobe Commerce 2.4.5 Adobe Commerce - Adobe Commerce 2.3.7 Adobe Commerce 2.4.0 Adobe Commerce 2.4.1 Adobe Commerce 2.4.2 Adobe Commerce 2.4.3 Adobe Magento Open Source 2.3.7 Adobe Magento Open Source 2.4.0 Adobe Magento Open Source 2.4.1 Adobe Magento Open Source 2.4.2 Adobe Magento Open Source 2.4.3 Adobe Magento Open Source 2.4.5 Adobe Magento Open Source 2.4.4	59

Summary

Vulnerable Configurations

References