CVE-2023-29293

LOW Year: 2023
CVSS v3 Score
2.7
Low
Weakness Type
CWE-20
View all →

Vulnerability Description

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.

Related Vulnerabilities

CVE-2017-15136

LOW
CVSS:2.7(Low)

When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will ...

CWE-202017

CVE-2017-18382

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).

CWE-202017

CVE-2017-18393

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).

CWE-202017

CVE-2017-18394

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327).

CWE-202017

CVE-2017-18395

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not block a username of ssl (SEC-328).

CWE-202017

CVE-2017-18401

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).

CWE-202017