CNNVD-202510-1718 Information

Oct 14, 2025 cve

CNNVD ID

CNNVD-202510-1718

CVE-2025-54267

  • CNNVD Published: 2025-10-14

Description (Chinese)

Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce 2.4.9-alpha2版本、2.4.8-p2版本、2.4.7-p7版本、2.4.6-p12版本、2.4.5-p14版本和2.4.4-p15及之前版本存在安全漏洞,该漏洞源于授权不当,可能导致低权限攻击者绕过安全措施并获得未经授权的特权访问。

Description (English)

Adobe Commerce is the leading global digital business solution for both business and brands in Adobe, United States. Adobe Common 2.4.9-alpha2 version, 2.4.8-p2 version, 2.4.7-p7 version, 2.4.6-p12 version, 2.4.5-p14 version and 2.4.4-p15 version and previous versions contain security loopholes, which stem from inappropriate authorization and may lead to low-authority attackers circumventing security measures and obtaining unauthorized privileged access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

奥多比

Published

2025-10-14

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/magento/apsb25-94.html

Patch

https://helpx.adobe.com/security/products/magento/apsb25-94.html

Share on: