CVE-2024-34104

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier

Description The issue is related to an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction. The vulnerability is associated with deficiencies in the authorization procedure, allowing a remote attacker to bypass existing security restrictions.

Recommendations For Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.