CVE-2023-29293

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.6 and earlier Adobe Commerce versions 2.4.5-p2 and earlier Adobe Commerce versions 2.4.4-p3 and earlier

Description The issue is related to an Improper Input Validation that could result in a Security feature bypass. An admin privileged attacker could leverage this to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. The vulnerability exists due to insufficient input validation, which may allow a remote attacker to bypass existing security restrictions.

Recommendations For Adobe Commerce versions 2.4.6 and earlier, update to a version that addresses the Improper Input Validation issue. For Adobe Commerce versions 2.4.5-p2 and earlier, update to a version that addresses the Improper Input Validation issue. For Adobe Commerce versions 2.4.4-p3 and earlier, update to a version that addresses the Improper Input Validation issue. As a temporary workaround, consider restricting access to sensitive features until a patch is available.