Vulnerability Details CVE-2024-45120
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.4%
CVSS Severity
CVSS v3 Score 3.1
Products affected by CVE-2024-45120
-
cpe:2.3:a:adobe:commerce:2.4.4
-
cpe:2.3:a:adobe:commerce:2.4.5
-
cpe:2.3:a:adobe:commerce:2.4.6
-
cpe:2.3:a:adobe:commerce:2.4.7
-
cpe:2.3:a:adobe:commerce_b2b:1.3.3
-
cpe:2.3:a:adobe:commerce_b2b:1.3.4
-
cpe:2.3:a:adobe:commerce_b2b:1.3.5
-
cpe:2.3:a:adobe:commerce_b2b:1.4.2
-
cpe:2.3:a:adobe:magento:2.4.4
-
cpe:2.3:a:adobe:magento:2.4.5
-
cpe:2.3:a:adobe:magento:2.4.6
-
cpe:2.3:a:adobe:magento:2.4.7