CNNVD-202506-3199 Information

CNNVD ID

CNNVD-202506-3199

Related CVE

CVE-2025-49549

• CNNVD Published: 2025-06-25

Description (Chinese)

Adobe Commerce是美国奥多比（Adobe）公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在安全漏洞，该漏洞源于授权不当，可能导致安全功能绕过。以下版本受到影响：2.4.8版本、2.4.7-p5版本、2.4.6-p10版本、2.4.5-p12版本和2.4.4-p13及之前版本。

Description (English)

Adobe Commerce is the leading global digital business solution for both business and brands in Adobe, United States. There is a security loophole in Adobe Commerce, which stems from inappropriate delegation of authority and may lead to the circumvention of security functions. The following versions were affected: 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12 and 2.4.4-p13 and earlier.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

奥多比

Published

2025-06-25

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/magento/apsb25-50.html https://nvd.nist.gov/vuln/detail/CVE-2025-49549

Patch

https://helpx.adobe.com/security/products/magento/apsb25-50.html