CVE-2024-45148

Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier

Description The issue is related to an Improper Authentication vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to gain unauthorized access without proper credentials. Exploitation of this issue does not require user interaction. The vulnerability is associated with deficiencies in the authentication procedure, which can allow a remote attacker to bypass security restrictions.

Recommendations For Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier, update to a version that includes the fix for the Improper Authentication vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.