CVE-2024-45115

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier Magento Open Source (affected versions not specified) Adobe Commerce B2B (affected versions not specified)

Description The issue is related to insufficient authentication procedures in the affected software, which could allow a remote attacker to escalate their privileges. This vulnerability may enable an attacker to gain unauthorized access or elevated privileges within the application without requiring user interaction.

Recommendations For Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Magento Open Source: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Adobe Commerce B2B: At the moment, there is no information about a newer version that contains a fix for this vulnerability.