Command injection in data collector backup due to insufficient patching of CVE-2023-38208

Stammdaten

Kritikalität
CVE ID
CVE-2024-20720
Aktualisiert am:
2024-06-18T20:48:07.858Z
Veröffentlicht am:
2024-02-15T13:39:37.766Z
 

Betroffene Produkte

Hersteller:
Adobe
Produkt(e):
Adobe Commerce
Betroffene Version:
0
 

Beschreibung

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
 

Referenzen

 

NIST-Link:


Copyright © 2024 · All Rights Reserved · https://www.tecxero.com | Impressum