PT-2024-4169 · Adobe · Commerce

Published: 2024-06-11 · Updated: 2024-07-09 · CVE-2024-34103

CVSS v4.0: 9.2 (Critical)

Vector: AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier

Description

The issue is related to insufficient authentication procedures in Adobe Commerce, which could allow a remote attacker to escalate their privileges. This could result in unauthorized access or elevated privileges within the application. Exploitation does not require user interaction, but the attack complexity is high.

Recommendations

For Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier, update to a version that includes the fix for the improper authentication vulnerability to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2024-04654
BIT-MAGENTO-2024-34103
CVE-2024-34103
GHSA-F7Q4-9GWV-6774

Affected Products

Commerce