Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2021-02-11T19:29:31.581101Z
Updated: 2024-09-16T20:17:11.549Z
Reserved: 2020-12-18T00:00:00
Link: CVE-2021-21026
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-11T20:15:14.560
Modified: 2024-11-21T05:47:25.613
Link: CVE-2021-21026
Redhat
No data.