Incorrect Authorization Vulnerability in Adobe Commerce: Information Exposure and Privilege Escalation

Incorrect Authorization Vulnerability in Adobe Commerce: Information Exposure and Privilege Escalation

CVE-2022-42344 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Incorrect Authorization vulnerability. An authenticated attacker can exploit this vulnerability to achieve information exposure and privilege escalation.

Learn more about our Web Application Penetration Testing UK.