Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environment configuration changes.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2019-08-02T21:25:26
Updated: 2024-08-04T21:02:19.397Z
Reserved: 2019-02-12T00:00:00
Link: CVE-2019-7904
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-08-02T22:15:17.533
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-7904
Redhat
No data.