CVE-2024-5915

CVE-2024-5915

Título es
CVE-2024-5915

Mié, 14/08/2024 – 17:15

Tipo
CWE-732

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-5915

Descripción en
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.

14/08/2024
14/08/2024
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

  • https://security.paloaltonetworks.com/CVE-2024-5915

    • Enviar en el boletín
    Off

    CVE-2024-5914

    CVE-2024-5914

    Título es
    CVE-2024-5914

    Mié, 14/08/2024 – 17:15

    Tipo
    CWE-77

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-5914

    Descripción en
    A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.

    14/08/2024
    14/08/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://security.paloaltonetworks.com/CVE-2024-5914

    • Enviar en el boletín
    Off

    CVE-2023-50314

    CVE-2023-50314

    Título es
    CVE-2023-50314

    Mié, 14/08/2024 – 18:15

    Tipo
    CWE-295

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2023-50314

    Descripción en
    IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713.

    14/08/2024
    14/08/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://exchange.xforce.ibmcloud.com/vulnerabilities/274713

  • https://www.ibm.com/support/pages/node/7165502

    • Enviar en el boletín
    Off

    CVE-2024-31882

    CVE-2024-31882

    Título es
    CVE-2024-31882

    Mié, 14/08/2024 – 18:15

    Tipo
    CWE-943

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-31882

    Descripción en
    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.

    14/08/2024
    14/08/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://exchange.xforce.ibmcloud.com/vulnerabilities/287614

  • https://www.ibm.com/support/pages/node/7165338

    • Enviar en el boletín
    Off

    CVE-2024-35136

    CVE-2024-35136

    Título es
    CVE-2024-35136

    Mié, 14/08/2024 – 18:15

    Tipo
    CWE-943

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-35136

    Descripción en
    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 291307.

    14/08/2024
    14/08/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://exchange.xforce.ibmcloud.com/vulnerabilities/291307

  • https://www.ibm.com/support/pages/node/7165341

    • Enviar en el boletín
    Off

    CVE-2024-37529

    CVE-2024-37529

    Título es
    CVE-2024-37529

    Mié, 14/08/2024 – 18:15

    Tipo
    CWE-789

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-37529

    Descripción en
    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 294295.

    14/08/2024
    14/08/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639

  • https://www.ibm.com/support/pages/node/7165342

    • Enviar en el boletín
    Off

    CVE-2024-35152

    CVE-2024-35152

    Título es
    CVE-2024-35152

    Mié, 14/08/2024 – 18:15

    Tipo
    CWE-789

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-35152

    Descripción en
    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639.

    14/08/2024
    14/08/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639

  • https://www.ibm.com/support/pages/node/7165342

    • Enviar en el boletín
    Off

    CVE-2024-39412

    CVE-2024-39412

    Título es
    CVE-2024-39412

    Mié, 14/08/2024 – 12:15

    Tipo
    NVD-CWE-noinfo

    Gravedad 2.0 Txt
    Pendiente de análisis

    CPE
    cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*————2.4.3___cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*————2.4.3___cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*————

    Título en

    CVE-2024-39412

    Descripción en
    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.

    14/08/2024
    14/08/2024
    Fabricante
    adobe

    Producto
    commerce
    magento

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/magento/apsb24-61.html

    • Enviar en el boletín
    Off

    CVE-2024-39410

    CVE-2024-39410

    Título es
    CVE-2024-39410

    Mié, 14/08/2024 – 12:15

    Tipo
    CWE-352

    Gravedad 2.0 Txt
    Pendiente de análisis

    CPE
    cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*————2.4.3___cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*————2.4.3___cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*————

    Título en

    CVE-2024-39410

    Descripción en
    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.

    14/08/2024
    14/08/2024
    Fabricante
    adobe

    Producto
    commerce
    magento

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/magento/apsb24-61.html

    • Enviar en el boletín
    Off

    CVE-2024-39411

    CVE-2024-39411

    Título es
    CVE-2024-39411

    Mié, 14/08/2024 – 12:15

    Tipo
    NVD-CWE-noinfo

    Gravedad 2.0 Txt
    Pendiente de análisis

    CPE
    cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*————2.4.3___cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*————___cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*————___cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*————2.4.3___cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*————___cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*————

    Título en

    CVE-2024-39411

    Descripción en
    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.

    14/08/2024
    14/08/2024
    Fabricante
    adobe

    Producto
    commerce
    magento

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/magento/apsb24-61.html

    • Enviar en el boletín
    Off