PT-2024-32457 · Aimeos · Aimeos

Ssshah2131

Published

2024-10-24

Updated

2024-10-25

CVE-2024-47173

CVSS v3.1

5.5

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions Aimeos versions 2024.04 through 2024.07.1

Description The issue affects all SaaS and marketplace setups using the Aimeos GraphQL API admin interface, potentially allowing a denial of service attack.

Recommendations For versions 2024.04 through 2024.07.1, update to version 2024.07.2 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-270

Related Identifiers

CVE-2024-47173

GHSA-QXGX-HVG3-V92W

Affected Products

Aimeos

PT-2024-32457 · Aimeos · Aimeos

CVE-2024-47173

Weakness Enumeration

Related Identifiers

Affected Products

References · 7