CVE-2023-29287
EUVD-2023-3286215.06.2023, 19:15
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak minor user data. Exploitation of this issue does not require user interaction..Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| adobe | commerce | 2.3.7 |
| adobe | commerce | 2.3.7:p1 |
| adobe | commerce | 2.3.7:p2 |
| adobe | commerce | 2.3.7:p3 |
| adobe | commerce | 2.3.7:p4 |
| adobe | commerce | 2.3.7:p4-ext1 |
| adobe | commerce | 2.3.7:p4-ext2 |
| adobe | commerce | 2.4.0 |
| adobe | commerce | 2.4.0:ext-1 |
| adobe | commerce | 2.4.0:ext-2 |
| adobe | commerce | 2.4.1 |
| adobe | commerce | 2.4.1:ext-1 |
| adobe | commerce | 2.4.1:ext-2 |
| adobe | commerce | 2.4.2 |
| adobe | commerce | 2.4.2:ext-1 |
| adobe | commerce | 2.4.2:ext-2 |
| adobe | commerce | 2.4.3 |
| adobe | commerce | 2.4.3:ext-1 |
| adobe | commerce | 2.4.3:ext-2 |
| adobe | commerce | 2.4.4 |
| adobe | commerce | 2.4.4:p1 |
| adobe | commerce | 2.4.4:p2 |
| adobe | commerce | 2.4.4:p3 |
| adobe | commerce | 2.4.5 |
| adobe | commerce | 2.4.5:p1 |
| adobe | commerce | 2.4.5:p2 |
| adobe | commerce | 2.4.6 |
| adobe | magento | 2.4.4 |
| adobe | magento | 2.4.4:p1 |
| adobe | magento | 2.4.4:p2 |
| adobe | magento | 2.4.4:p3 |
| adobe | magento | 2.4.5 |
| adobe | magento | 2.4.5:p1 |
| adobe | magento | 2.4.5:p2 |
| adobe | magento | 2.4.6 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration