CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22251

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. A low-privileged authenticated attacker could leverage this vulnerability to achieve minor information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.9%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-22251

Adobe » Commerce » Version: N/A

cpe:2.3:a:adobe:commerce:-
Adobe » Commerce » Version: 2.3.7

cpe:2.3:a:adobe:commerce:2.3.7
Adobe » Commerce » Version: 2.4.0

cpe:2.3:a:adobe:commerce:2.4.0
Adobe » Commerce » Version: 2.4.1

cpe:2.3:a:adobe:commerce:2.4.1
Adobe » Commerce » Version: 2.4.2

cpe:2.3:a:adobe:commerce:2.4.2
Adobe » Commerce » Version: 2.4.3

cpe:2.3:a:adobe:commerce:2.4.3
Adobe » Commerce » Version: 2.4.4

cpe:2.3:a:adobe:commerce:2.4.4
Adobe » Commerce » Version: 2.4.5

cpe:2.3:a:adobe:commerce:2.4.5
Adobe » Magento Open Source » Version: 2.3.7

cpe:2.3:a:adobe:magento_open_source:2.3.7
Adobe » Magento Open Source » Version: 2.4.0

cpe:2.3:a:adobe:magento_open_source:2.4.0
Adobe » Magento Open Source » Version: 2.4.1

cpe:2.3:a:adobe:magento_open_source:2.4.1
Adobe » Magento Open Source » Version: 2.4.2

cpe:2.3:a:adobe:magento_open_source:2.4.2
Adobe » Magento Open Source » Version: 2.4.3

cpe:2.3:a:adobe:magento_open_source:2.4.3
Adobe » Magento Open Source » Version: 2.4.4

cpe:2.3:a:adobe:magento_open_source:2.4.4
Adobe » Magento Open Source » Version: 2.4.5

cpe:2.3:a:adobe:magento_open_source:2.4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22251

Products

Pricing

Contact Us