CVE-2024-45133

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier

Description The issue is related to an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality, which may aid in further attacks. Exploitation of this issue does not require user interaction. The vulnerability is also associated with inadequate access control, allowing a remote attacker to bypass security features and gain unauthorized access to protected information.

Recommendations For Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier: At the moment, there is no information about a newer version that contains a fix for this vulnerability.