Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited impact to the integrity and availability of data. The exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

授权机制不正确

Adobe Commerce 安全漏洞

Adobe Commerce是美国奥多比（Adobe）公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce 2.4.9-alpha3版本、2.4.8-p3版本、2.4.7-p8版本、2.4.6-p13版本、2.4.5-p15版本和2.4.4-p16版本及之前版本存在安全漏洞，该漏洞源于授权不当，可能导致攻击者绕过安全措施，对数据的完整性和可用性造成有限影响。

N/A

N/A