Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-54263 (GCVE-0-2025-54263)
Vulnerability from cvelistv5 – Published: 2025-10-14 20:27 – Updated: 2026-02-26 16:57
VLAI?
EPSS
Title
Adobe Commerce | Incorrect Authorization (CWE-863)
Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.
Severity ?
8.1 (High)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | Adobe Commerce |
Affected:
0 , ≤ 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54263",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T03:55:29.764367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:54.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Adobe Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T20:27:56.014Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Commerce | Incorrect Authorization (CWE-863)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-54263",
"datePublished": "2025-10-14T20:27:56.014Z",
"dateReserved": "2025-07-17T21:15:02.463Z",
"dateUpdated": "2026-02-26T16:57:54.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"affected\", \"product\": \"Adobe Commerce\", \"vendor\": \"Adobe\", \"versions\": [{\"lessThanOrEqual\": \"2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\"}]}], \"datePublic\": \"2025-10-14T17:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"availabilityRequirement\": \"NOT_DEFINED\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"confidentialityRequirement\": \"NOT_DEFINED\", \"environmentalScore\": 8.1, \"environmentalSeverity\": \"HIGH\", \"exploitCodeMaturity\": \"NOT_DEFINED\", \"integrityImpact\": \"HIGH\", \"integrityRequirement\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"LOW\", \"modifiedAttackVector\": \"NETWORK\", \"modifiedAvailabilityImpact\": \"NONE\", \"modifiedConfidentialityImpact\": \"HIGH\", \"modifiedIntegrityImpact\": \"HIGH\", \"modifiedPrivilegesRequired\": \"LOW\", \"modifiedScope\": \"UNCHANGED\", \"modifiedUserInteraction\": \"NONE\", \"privilegesRequired\": \"LOW\", \"remediationLevel\": \"NOT_DEFINED\", \"reportConfidence\": \"NOT_DEFINED\", \"scope\": \"UNCHANGED\", \"temporalScore\": 8.1, \"temporalSeverity\": \"HIGH\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-863\", \"description\": \"Incorrect Authorization (CWE-863)\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"shortName\": \"adobe\", \"dateUpdated\": \"2025-10-14T20:27:56.014Z\"}, \"references\": [{\"tags\": [\"vendor-advisory\"], \"url\": \"https://helpx.adobe.com/security/products/magento/apsb25-94.html\"}], \"source\": {\"discovery\": \"EXTERNAL\"}, \"title\": \"Adobe Commerce | Incorrect Authorization (CWE-863)\"}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54263\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-21T03:55:29.764367Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-15T13:25:17.508Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54263\", \"assignerOrgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"adobe\", \"dateReserved\": \"2025-07-17T21:15:02.463Z\", \"datePublished\": \"2025-10-14T20:27:56.014Z\", \"dateUpdated\": \"2026-02-26T16:57:54.026Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CNVD-2025-24199
Vulnerability from cnvd - Published: 2025-10-20
VLAI Severity ?
Title
Adobe Commerce安全绕过漏洞(CNVD-2025-24199)
Description
Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。
Adobe Commerce存在安全绕过漏洞,攻击者可利用该漏洞绕过安全措施并维持未授权访问。
Severity
高
Patch Name
Adobe Commerce安全绕过漏洞(CNVD-2025-24199)的补丁
Patch Description
Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。
Adobe Commerce存在安全绕过漏洞,攻击者可利用该漏洞绕过安全措施并维持未授权访问。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://helpx.adobe.com/security/products/magento/apsb25-94.html
Reference
https://helpx.adobe.com/security/products/magento/apsb25-94.html
Impacted products
| Name | ['Adobe Magento Open Source <=2.4.8-p2', 'Adobe Magento Open Source <=2.4.7-p7', 'Adobe Magento Open Source <=2.4.6-p12', 'Adobe Adobe Commerce B2B <=1.5.3-alpha2', 'Adobe Adobe Commerce B2B <=1.5.2-p2', 'Adobe Adobe Commerce B2B <=1.4.2-p7', 'Adobe Adobe Commerce B2B <=1.3.4-p14', 'Adobe Adobe Commerce B2B <=1.3.3-p15', 'Adobe Adobe Commerce <=2.4.9-alpha2', 'Adobe Adobe Commerce <=2.4.8-p2', 'Adobe Adobe Commerce <=2.4.7-p7', 'Adobe Adobe Commerce <=2.4.6-p12', 'Adobe Adobe Commerce <=2.4.5-p14', 'Adobe Adobe Commerce <=2.4.4-p15', 'Adobe Adobe Commerce B2B <=1.3.5-p12', 'Adobe Magento Open Source 2.4.9-alpha2'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-54263",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263"
}
},
"description": "Adobe Commerce\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u79cd\u9762\u5411\u5546\u5bb6\u548c\u54c1\u724c\u7684\u5168\u7403\u9886\u5148\u7684\u6570\u5b57\u5546\u52a1\u89e3\u51b3\u65b9\u6848\u3002\n\nAdobe Commerce\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u63aa\u65bd\u5e76\u7ef4\u6301\u672a\u6388\u6743\u8bbf\u95ee\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://helpx.adobe.com/security/products/magento/apsb25-94.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-24199",
"openTime": "2025-10-20",
"patchDescription": "Adobe Commerce\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u79cd\u9762\u5411\u5546\u5bb6\u548c\u54c1\u724c\u7684\u5168\u7403\u9886\u5148\u7684\u6570\u5b57\u5546\u52a1\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nAdobe Commerce\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u63aa\u65bd\u5e76\u7ef4\u6301\u672a\u6388\u6743\u8bbf\u95ee\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Adobe Commerce\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2025-24199\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Adobe Magento Open Source \u003c=2.4.8-p2",
"Adobe Magento Open Source \u003c=2.4.7-p7",
"Adobe Magento Open Source \u003c=2.4.6-p12",
"Adobe Adobe Commerce B2B \u003c=1.5.3-alpha2",
"Adobe Adobe Commerce B2B \u003c=1.5.2-p2",
"Adobe Adobe Commerce B2B \u003c=1.4.2-p7",
"Adobe Adobe Commerce B2B \u003c=1.3.4-p14",
"Adobe Adobe Commerce B2B \u003c=1.3.3-p15",
"Adobe Adobe Commerce \u003c=2.4.9-alpha2",
"Adobe Adobe Commerce \u003c=2.4.8-p2",
"Adobe Adobe Commerce \u003c=2.4.7-p7",
"Adobe Adobe Commerce \u003c=2.4.6-p12",
"Adobe Adobe Commerce \u003c=2.4.5-p14",
"Adobe Adobe Commerce \u003c=2.4.4-p15",
"Adobe Adobe Commerce B2B \u003c=1.3.5-p12",
"Adobe Magento Open Source 2.4.9-alpha2"
]
},
"referenceLink": "https://helpx.adobe.com/security/products/magento/apsb25-94.html",
"serverity": "\u9ad8",
"submitTime": "2025-10-17",
"title": "Adobe Commerce\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2025-24199\uff09"
}
FKIE_CVE-2025-54263
Vulnerability from fkie_nvd - Published: 2025-10-14 21:15 - Updated: 2025-10-20 13:47
Severity ?
Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@adobe.com | https://helpx.adobe.com/security/products/magento/apsb25-94.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:*",
"matchCriteriaId": "1C3D7164-1C5F-40BC-9EEC-B0E00CD45808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:*",
"matchCriteriaId": "68AAE162-5957-42AF-BE20-40F341837FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:*",
"matchCriteriaId": "D9D01159-3309-4F6B-93B0-2D89DDD33DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p13:*:*:*:*:*:*",
"matchCriteriaId": "91736E79-D8E7-4AF2-8E01-A7B4EB8AD6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p14:*:*:*:*:*:*",
"matchCriteriaId": "8412C043-64E7-4DFF-A303-13A6FE113BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p15:*:*:*:*:*:*",
"matchCriteriaId": "BBDA2BCF-E784-4CF3-B30D-6FF5BEE2055F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*",
"matchCriteriaId": "6A56E96C-6CE5-442C-AA88-F0059B02B5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*",
"matchCriteriaId": "8867F510-201C-4199-8554-53DE156CE669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*",
"matchCriteriaId": "23988132-DD4E-4968-B6B8-954122F76081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p10:*:*:*:*:*:*",
"matchCriteriaId": "5764CC97-C866-415D-A3A1-5B5B9E1C06A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p11:*:*:*:*:*:*",
"matchCriteriaId": "E82D10D8-2894-4E5B-B47B-F00964DD5CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p12:*:*:*:*:*:*",
"matchCriteriaId": "B044F2D9-E888-4852-8A40-DCE688860ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p13:*:*:*:*:*:*",
"matchCriteriaId": "6423C754-36F9-4680-9211-60940ED63E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p14:*:*:*:*:*:*",
"matchCriteriaId": "3472064A-8C79-436B-965A-96834AE8D346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "6DF0E74D-9293-4209-97D1-A3BA13C3DDE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*",
"matchCriteriaId": "8922D646-1A97-47ED-91C6-5A426781C98A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*",
"matchCriteriaId": "952787C6-9BF1-49FB-9824-1236678E1902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p9:*:*:*:*:*:*",
"matchCriteriaId": "898A8679-3C46-4718-9EDF-583ADDFCF2EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p10:*:*:*:*:*:*",
"matchCriteriaId": "E57889CC-3E90-46AF-9CD6-3328DD501AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p11:*:*:*:*:*:*",
"matchCriteriaId": "47A86566-DE38-4032-947D-B6181F0BC120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p12:*:*:*:*:*:*",
"matchCriteriaId": "B7D1D684-CE7E-4D6D-95B5-1F86A8DB6C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "0E05F4AC-2A28-47E3-96DE-0E31AF73CD43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "3A9A62EE-1649-4815-8EC9-7AEF7949EB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "E58690F9-FA9C-42A0-B4CD-91FD1197A53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "77D01D8B-1FBC-43CA-90F9-C89D9B4D18F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p8:*:*:*:*:*:*",
"matchCriteriaId": "8B83729E-80AF-47CE-A70C-32BF83024A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p9:*:*:*:*:*:*",
"matchCriteriaId": "73D22D42-646D-4955-A6F9-9B7BA63DC0A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B5D04853-0C2F-47DD-A939-3A8F6E22CB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*",
"matchCriteriaId": "6EBB0608-034B-4F07-A59B-9E6A989BA260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*",
"matchCriteriaId": "B3BF9B08-84E3-4974-9DEB-F4285995D796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "7771BEDB-05E2-430E-B2A2-E2F7574B7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "2E05341A-C70C-4B3D-AF30-9520D6B97D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "4D98B52E-3B59-4327-AC7E-DDBB0ADA08F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "95026AA9-A28B-4D94-BD77-7628429EBA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "83FD1220-7D46-42B2-8110-30A934144572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p5:*:*:*:*:*:*",
"matchCriteriaId": "3F1439CE-8A3B-414A-B974-559209FF480C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p6:*:*:*:*:*:*",
"matchCriteriaId": "13726DEE-FFCB-447B-9FFF-136F132F2C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p7:*:*:*:*:*:*",
"matchCriteriaId": "1A9443CE-AE1F-4D66-9C88-5E2E3FD28EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "1EE12F4B-5607-4790-A29B-EE23383BCC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.8:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6D05A958-9749-486A-A149-C21647CDCADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.8:beta2:*:*:*:*:*:*",
"matchCriteriaId": "C9E12B43-AD3E-48A2-9042-5586186CA3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "C267AF14-7BA8-4D1F-BCD9-BE3ED0DA3D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "B4947C63-CFD9-437B-A09E-A197DCE40095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.9:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "37F32F70-7B2A-4BAB-B3F0-AFF5C04CCDED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.9:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "8B6B7609-6A8E-4154-BC05-2A9099909684",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:*",
"matchCriteriaId": "C4667AA3-4CC9-41C0-8E0C-19B0FCE1CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "E396FB4F-B20A-4BF9-8FBD-014A0F197F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:*",
"matchCriteriaId": "2ADE32D1-2845-4030-BE1F-ECE28189D0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p11:*:*:*:*:*:*",
"matchCriteriaId": "F2E771C9-86C4-455C-98D4-6F4FE7A9A822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p12:*:*:*:*:*:*",
"matchCriteriaId": "491AB715-F62A-46DB-A56E-055CF7CB7BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p13:*:*:*:*:*:*",
"matchCriteriaId": "6FE364A8-4780-426F-9E8A-284A31FE2623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p14:*:*:*:*:*:*",
"matchCriteriaId": "F9258027-8A6A-4C6A-BC6F-349B6E03D828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p15:*:*:*:*:*:*",
"matchCriteriaId": "934C52C7-8751-481E-BAA7-F631C4E31F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "5677B7E2-FA07-4536-96A9-2C64BEFD3751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "2DCD1522-6E27-474F-9FC6-413409D6AD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "B7968FCA-CCFD-4222-8FB8-E6E21107944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p5:*:*:*:*:*:*",
"matchCriteriaId": "8C175A1F-7814-4C51-A7B7-AD5140F0688F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p6:*:*:*:*:*:*",
"matchCriteriaId": "E66CBFB3-40C3-474A-A3A3-12135F610814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p7:*:*:*:*:*:*",
"matchCriteriaId": "F51DFA17-1875-41A9-B141-D89BB6238B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p8:*:*:*:*:*:*",
"matchCriteriaId": "5A4D10EF-9137-4DF5-A5DD-97907E8B4C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.3:p9:*:*:*:*:*:*",
"matchCriteriaId": "5CD0DC76-7181-4954-A59E-AB7BB47D0576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1C90C433-6655-4038-9AB3-0304C1AFF360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "374E7EDD-512A-4633-A136-01A656935334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p10:*:*:*:*:*:*",
"matchCriteriaId": "89BAB227-03E6-4776-ADE4-9D9CB666EFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p11:*:*:*:*:*:*",
"matchCriteriaId": "0E5ACABA-D6D6-4F29-A9DD-5A04A44ABE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p12:*:*:*:*:*:*",
"matchCriteriaId": "FA80AFCE-2663-46C0-AEC0-C16C8E675E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p13:*:*:*:*:*:*",
"matchCriteriaId": "EB9955CA-7E7B-40D3-A85D-58BB0D9AC897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p14:*:*:*:*:*:*",
"matchCriteriaId": "5D0A17AC-D433-47C2-A1AC-88291DCCECCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "0E9D364A-C858-4160-8B8B-33ECF94796D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "61559E50-581E-40FF-9FD4-10192ECFCD04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "DE3BFB41-5633-4167-B1EA-9E958BCE9DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "F2C525D2-837D-486A-8B38-5634AE2ECE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "6F220229-F2DF-4C9D-90A6-8B09F8BE3391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p7:*:*:*:*:*:*",
"matchCriteriaId": "63AB9506-3F8E-4C2E-A859-2380431C15A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p8:*:*:*:*:*:*",
"matchCriteriaId": "51B76658-EA6B-4AC9-9D9C-374C5308D069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.4:p9:*:*:*:*:*:*",
"matchCriteriaId": "6E94B136-7A2C-47F0-BCE4-6BB8E776A305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3C5C3F26-24F0-4CF5-AA2E-7CA13E9D17DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "E888424C-B9F2-4AE7-A77A-39F34143548F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p10:*:*:*:*:*:*",
"matchCriteriaId": "A4BE67D7-6463-4179-8C68-298CF960DBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p11:*:*:*:*:*:*",
"matchCriteriaId": "6CFD1C81-A05D-4E92-9BF5-244021808C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p12:*:*:*:*:*:*",
"matchCriteriaId": "0ADE4696-7DAE-45F3-9161-04AF9FB8DAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "CE97B86B-32CE-4E7F-BA98-C1059BF7BFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "41CEF959-997F-47C9-8186-D4D56C6F4D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "A83DCE0F-E201-4753-9164-F01D46172248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "8CFAABD7-7658-4A32-B5E3-13F6214BABCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "CE880F0B-EC8C-429B-9257-E6F890872F7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p7:*:*:*:*:*:*",
"matchCriteriaId": "66F3EA5F-08A2-4A1E-82D3-BBE7FFA2667E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p8:*:*:*:*:*:*",
"matchCriteriaId": "7930F188-A689-4041-BF4F-FBCA579D2E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.3.5:p9:*:*:*:*:*:*",
"matchCriteriaId": "45090787-93BF-4683-B1E2-7D12FB18BEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "15C638A8-EFE0-47DB-B1F9-34093AF0FC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "CB863404-A9D7-4692-AB43-08945E669928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "D8CFA8F4-D57D-4D0F-88D5-00A72E3AD8DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "A21F608C-C356-47B8-8FBB-DB28BABFC4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "E14195F1-5016-46BE-A614-6FB4E312FC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "9C360EA8-B18F-4327-90EF-7EED2892BE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "500E3A54-D7C7-4887-9EA6-7DF85389A831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.4.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "ED6FFC1D-E921-4FF7-9928-015630613FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.5.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D855D141-7876-4F5A-91BE-6350DD379879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.5.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "79CBDF59-EB84-44D3-81CF-5CBF943B411E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.5.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "2117B163-D88E-4EB4-AEA7-F27FB732BD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.5.3:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "508EE0EF-D54A-4834-84AB-FFC62040FDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:commerce_b2b:1.5.3:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "4D7C6592-33B0-4586-8178-E8F4EB837B7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*",
"matchCriteriaId": "789BD987-9DAD-4EAE-93DE-0E267D54F124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "A3F113C0-00C5-4BC2-B42B-8AE3756252F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p10:*:*:open_source:*:*:*",
"matchCriteriaId": "AE842CC8-7795-4238-B727-0BA2FFFBF62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p11:*:*:open_source:*:*:*",
"matchCriteriaId": "AE724531-422D-4ABB-98F5-2C0B1BBEF031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p12:*:*:open_source:*:*:*",
"matchCriteriaId": "BB499397-0E40-45B0-A7E9-BEFCC909DD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "02592D65-2D2C-460A-A970-8A18F9B156ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*",
"matchCriteriaId": "457B89CF-C75E-4ED6-8603-9C52BA462A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*",
"matchCriteriaId": "A572A2DC-2DAB-4ABE-8FC2-5AF2340C826F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*",
"matchCriteriaId": "2A2DD9C6-BAF5-4DF5-9C14-3478923B2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*",
"matchCriteriaId": "BA9CFC70-24CF-4DFA-AEF9-9B5A9DAF837D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p7:*:*:open_source:*:*:*",
"matchCriteriaId": "2AA0B806-ABB8-4C18-9F9C-8291BE208F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p8:*:*:open_source:*:*:*",
"matchCriteriaId": "AA9D4DAB-7567-48D7-BE60-2A10B35CFF27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p9:*:*:open_source:*:*:*",
"matchCriteriaId": "A91E797D-63F6-4DE8-869C-AF0133DC6C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*",
"matchCriteriaId": "0E06FE04-8844-4409-92D9-4972B47C921B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*",
"matchCriteriaId": "99C620F3-40ED-4D7F-B6A1-205E948FD6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*",
"matchCriteriaId": "FBCFE5FB-FAB7-4BF0-90AE-79F9590FD872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:beta3:*:*:open_source:*:*:*",
"matchCriteriaId": "7EB4B9C5-513C-4039-8087-5E8880894318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "9C77154A-DBFE-48C3-A274-03075A0DB040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "F5AAC414-623C-444F-9BD5-EE0ACE2B2246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p3:*:*:open_source:*:*:*",
"matchCriteriaId": "8292888D-B0B0-4DF3-8719-EA4CDCAB39D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p4:*:*:open_source:*:*:*",
"matchCriteriaId": "9830E074-FDCF-41E9-98C7-10C20424EF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p5:*:*:open_source:*:*:*",
"matchCriteriaId": "9D0C8648-B39E-47C7-AA5C-3AFED22F8D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p6:*:*:open_source:*:*:*",
"matchCriteriaId": "082F8B60-ECC5-4C55-BBFE-A0C8A3E95590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p7:*:*:open_source:*:*:*",
"matchCriteriaId": "A7B83AD4-3134-414A-80E3-106C3C0F975A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.8:-:*:*:open_source:*:*:*",
"matchCriteriaId": "00E8284F-10CD-449C-AEF1-688B8287292F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.8:beta1:*:*:open_source:*:*:*",
"matchCriteriaId": "59C10C74-FDB1-46EC-8F41-F3AC24AEFB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.8:beta2:*:*:open_source:*:*:*",
"matchCriteriaId": "2957B390-52C5-48D7-A6D7-709BC76B9C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.8:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "524F64B6-F7F7-4926-884F-E9448636007C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.8:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "9F56F919-69B6-4A77-B8CE-F13409542F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.9:alpha1:*:*:open_source:*:*:*",
"matchCriteriaId": "E34849F7-54EE-4E4C-9184-3DE9C30E12AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:magento:2.4.9:alpha2:*:*:open_source:*:*:*",
"matchCriteriaId": "4E21DFF0-9F15-44D2-B78A-097BF3ACD752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction."
}
],
"id": "CVE-2025-54263",
"lastModified": "2025-10-20T13:47:20.320",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "psirt@adobe.com",
"type": "Secondary"
}
]
},
"published": "2025-10-14T21:15:34.893",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "psirt@adobe.com",
"type": "Secondary"
}
]
}
CERTFR-2025-AVI-0876
Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Magento | Adobe Commerce versions 2.4.9-x antérieures à 2.4.9-alpha3 | ||
| Adobe | Magento | Magento Open Source versions 2.4.8-x antérieures à 2.4.8-p3 | ||
| Adobe | Magento | Magento Open Source versions 2.4.6-x antérieures à 2.4.6-p13 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.7-x antérieures à 2.4.7-p8 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.5-x antérieures à 2.4.5-p15 | ||
| Adobe | Commerce | Adobe Commerce B2B versions 1.5.2-x antérieures à 1.5.2-p3 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.6-x antérieures à 2.4.6-p13 | ||
| Adobe | Commerce | Adobe Commerce B2B versions 1.5.3-x antérieures à 1.5.3-alpha3 | ||
| Adobe | Commerce | Adobe Commerce B2B versions 1.3.3-x antérieures à 1.3.3-p16 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.9-x antérieures à 2.4.9-alpha3 | ||
| Adobe | Commerce | Adobe Commerce versions antérieures à 2.4.4-p16 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.8-x antérieures à 2.4.8-p3 | ||
| Adobe | Magento | Magento Open Source versions 2.4.7-x antérieures à 2.4.7-p8 | ||
| Adobe | Commerce | Adobe Commerce B2B versions 1.4.2-x antérieures à 1.4.2-p8 | ||
| Adobe | Commerce | Adobe Commerce B2B versions 1.3.4-x antérieures à 1.3.4-p13 | ||
| Adobe | Magento | Adobe Commerce versions antérieures à 2.4.5-p15 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Commerce versions 2.4.9-x ant\u00e9rieures \u00e0 2.4.9-alpha3",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.8-x ant\u00e9rieures \u00e0 2.4.8-p3",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p13",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.7-x ant\u00e9rieures \u00e0 2.4.7-p8",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.5-x ant\u00e9rieures \u00e0 2.4.5-p15",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce B2B versions 1.5.2-x ant\u00e9rieures \u00e0 1.5.2-p3",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p13",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce B2B versions 1.5.3-x ant\u00e9rieures \u00e0 1.5.3-alpha3",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce B2B versions 1.3.3-x ant\u00e9rieures \u00e0 1.3.3-p16",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.9-x ant\u00e9rieures \u00e0 2.4.9-alpha3",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions ant\u00e9rieures \u00e0 2.4.4-p16",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.8-x ant\u00e9rieures \u00e0 2.4.8-p3",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.7-x ant\u00e9rieures \u00e0 2.4.7-p8",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce B2B versions 1.4.2-x ant\u00e9rieures \u00e0 1.4.2-p8",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce B2B versions 1.3.4-x ant\u00e9rieures \u00e0 1.3.4-p13",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions ant\u00e9rieures \u00e0 2.4.5-p15",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-54267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54267"
},
{
"name": "CVE-2025-54266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54266"
},
{
"name": "CVE-2025-54265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54265"
},
{
"name": "CVE-2025-54263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54263"
},
{
"name": "CVE-2025-54264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54264"
}
],
"initial_release_date": "2025-10-15T00:00:00",
"last_revision_date": "2025-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0876",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB25-94",
"url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html"
}
]
}
GHSA-69X9-XP2J-W8G8
Vulnerability from github – Published: 2025-10-14 21:30 – Updated: 2025-10-21 20:35
VLAI?
Summary
Magento provides incorrect authorization through a security feature bypass
Details
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.
Severity ?
8.1 (High)
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.9-alpha1"
},
{
"fixed": "2.4.9-alpha3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.8-beta1"
},
{
"fixed": "2.4.8-p3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.7-beta1"
},
{
"fixed": "2.4.7-p8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.6-p13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"versions": [
"2.4.8"
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"versions": [
"2.4.7"
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/community-edition"
},
"versions": [
"2.4.6"
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "magento/project-community-edition"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-54263"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-21T20:35:57Z",
"nvd_published_at": "2025-10-14T21:15:34Z",
"severity": "HIGH"
},
"details": "Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.",
"id": "GHSA-69x9-xp2j-w8g8",
"modified": "2025-10-21T20:35:57Z",
"published": "2025-10-14T21:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263"
},
{
"type": "PACKAGE",
"url": "https://github.com/magento/magento2"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Magento provides incorrect authorization through a security feature bypass"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…