CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
21.8%
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions they did not intend to do, which could be used to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction, typically in the form of the victim clicking a link or visiting a malicious website.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:* |
adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:* |
adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:* |
adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:* |
adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:* |
[
{
"defaultStatus": "affected",
"product": "Adobe Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.4-p6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
21.8%