CVE-2024-20720
Published Feb 15, 2024
Last updated 9 months ago
Overview
- Description
- Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
- Source
- psirt@adobe.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- psirt@adobe.com
- CWE-78
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
],
"operator": "OR"
}
]
}
]