CVE-2024-39419

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.7-p1 through 2.4.4-p9 and earlier

Description The issue is related to inadequate access control in Adobe Commerce, allowing a remote attacker to elevate their privileges. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.

Recommendations For Adobe Commerce versions 2.4.7-p1 through 2.4.4-p9 and earlier, update to a version that addresses the improper authorization vulnerability to prevent security feature bypass. At the moment, there is no information about a newer version that contains a fix for this vulnerability.