216.73.217.123

CVE-2024-39399

· Published 14/08/2024 12:15 · Modified 14/08/2024 14:47

Labels: CVE-2024-39399 2024-08-14CVE-2024-39399CWE-22[email protected]

Essential information

Published
14/08/2024 12:15
Modified
14/08/2024 14:47
Author
Creator
CVSS
7.7 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVSS metrics

Description

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.

NVD status

Status
Analyzed — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
adobe / commerce cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*

References