Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2021-02-11T19:29:31.581101Z

Updated: 2024-09-16T20:17:11.549Z

Reserved: 2020-12-18T00:00:00

Link: CVE-2021-21026

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-02-11T20:15:14.560

Modified: 2024-11-21T05:47:25.613

Link: CVE-2021-21026

cve-icon Redhat

No data.