CVE-2023-22250

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.4-p2 and earlier Adobe Commerce versions 2.4.5-p1 and earlier

Description The issue is related to an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. The vulnerability is associated with inadequate access control in the Adobe Commerce platform, allowing a remote attacker to bypass existing security restrictions.

Recommendations For Adobe Commerce versions 2.4.4-p2 and earlier, update to a version later than 2.4.4-p2 to resolve the issue. For Adobe Commerce versions 2.4.5-p1 and earlier, update to a version later than 2.4.5-p1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive features until a patch is available.