{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39406", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "state": "PUBLISHED", "assignerShortName": "adobe", "dateReserved": "2024-06-24T20:32:06.592Z", "datePublished": "2024-08-14T11:57:08.723Z", "dateUpdated": "2024-09-16T12:07:33.315Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Adobe Commerce", "vendor": "Adobe", "versions": [{"lessThanOrEqual": "2.4.4-p9", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2024-08-13T17:00:00.000Z", "descriptions": [{"lang": "en", "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 6.8, "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "NETWORK", "modifiedAvailabilityImpact": "NONE", "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "HIGH", "modifiedScope": "CHANGED", "modifiedUserInteraction": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "CHANGED", "temporalScore": 6.8, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2024-09-16T12:07:33.315Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)"}, "adp": [{"affected": [{"vendor": "adobe", "product": "commerce", "cpes": ["cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.7-p1", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "2.4.6-p6", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "2.4.5-p8", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "2.4.4-p9", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-14T14:12:23.020906Z", "id": "CVE-2024-39406", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T14:15:08.034Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39406", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-14T14:12:23.020906Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*"], "vendor": "adobe", "product": "commerce", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.4.7-p1"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.4.6-p6"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.4.5-p8"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.4.4-p9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T14:12:45.680Z"}}], "cna": {"title": "Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)", "source": {"discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "modifiedScope": "CHANGED", "temporalScore": 6.8, "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "temporalSeverity": "MEDIUM", "availabilityImpact": "NONE", "environmentalScore": 6.8, "privilegesRequired": "HIGH", "exploitCodeMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NETWORK", "confidentialityImpact": "HIGH", "environmentalSeverity": "MEDIUM", "availabilityRequirement": "NOT_DEFINED", "modifiedIntegrityImpact": "NONE", "modifiedUserInteraction": "NONE", "modifiedAttackComplexity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAvailabilityImpact": "NONE", "modifiedPrivilegesRequired": "HIGH", "modifiedConfidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Adobe", "product": "Adobe Commerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.4.4-p9"}], "defaultStatus": "affected"}], "datePublic": "2024-08-13T17:00:00.000Z", "references": [{"url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2024-09-16T12:07:33.315Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39406", "state": "PUBLISHED", "dateUpdated": "2024-09-16T12:07:33.315Z", "dateReserved": "2024-06-24T20:32:06.592Z", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "datePublished": "2024-08-14T11:57:08.723Z", "assignerShortName": "adobe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCD55BE5-59AF-4C75-9187-A90F23262716", "versionEndIncluding": "2.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*", "matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*", "matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*", "matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*", "matchCriteriaId": "6A56E96C-6CE5-442C-AA88-F0059B02B5E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*", "matchCriteriaId": "8867F510-201C-4199-8554-53DE156CE669", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*", "matchCriteriaId": "23988132-DD4E-4968-B6B8-954122F76081", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*", "matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*", "matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*", "matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*", "matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*", "matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*", "matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*", "matchCriteriaId": "6DF0E74D-9293-4209-97D1-A3BA13C3DDE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*", "matchCriteriaId": "8922D646-1A97-47ED-91C6-5A426781C98A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*", "matchCriteriaId": "952787C6-9BF1-49FB-9824-1236678E1902", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*", "matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*", "matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*", "matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*", "matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*", "matchCriteriaId": "0E05F4AC-2A28-47E3-96DE-0E31AF73CD43", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*", "matchCriteriaId": "3A9A62EE-1649-4815-8EC9-7AEF7949EB2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*", "matchCriteriaId": "E58690F9-FA9C-42A0-B4CD-91FD1197A53E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*", "matchCriteriaId": "B5D04853-0C2F-47DD-A939-3A8F6E22CB7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*", "matchCriteriaId": "6EBB0608-034B-4F07-A59B-9E6A989BA260", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*", "matchCriteriaId": "B3BF9B08-84E3-4974-9DEB-F4285995D796", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*", "matchCriteriaId": "2E05341A-C70C-4B3D-AF30-9520D6B97D30", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*", "matchCriteriaId": "11A61231-5593-481E-A28C-A68BC6EEC49A", "versionEndIncluding": "2.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*", "matchCriteriaId": "AC641EFE-3B9B-4988-A143-FE1F6FD0D689", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*", "matchCriteriaId": "5F7AA4A6-69E3-4BA4-A476-CA37F41D5482", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*", "matchCriteriaId": "A3D05570-FA72-4FCF-90E9-EC19731CD9F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*", "matchCriteriaId": "7DF079F1-1886-4974-A0F0-82DEA88F2E83", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*", "matchCriteriaId": "C4E7AFE2-E02D-4C7D-B9C3-CEF345F1287C", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*", "matchCriteriaId": "F39BCCFC-4748-4626-8E35-4BD299CE42A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*", "matchCriteriaId": "EB9003A6-F5CC-463F-AC3A-C76F96A39F45", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*", "matchCriteriaId": "10DBD0CA-AFC2-4E12-9239-C2FBE778E6E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*", "matchCriteriaId": "FBB3AA19-BF6C-4C4B-A213-494D35F08D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*", "matchCriteriaId": "6FE43B88-BCD6-4ADF-94E7-81EC15550A67", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*", "matchCriteriaId": "7A41C717-4B9F-4972-ABA3-2294EEC20F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*", "matchCriteriaId": "3FA80BBC-2DF2-46E1-84CE-8A899415114E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*", "matchCriteriaId": "510B1840-AE77-4BDD-9C09-26C64CC8FC81", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*", "matchCriteriaId": "FA1EDF58-8384-48C4-A584-54D24F6F7973", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*", "matchCriteriaId": "9D2D9715-3A6B-4BE0-B1C5-8D19A683A083", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*", "matchCriteriaId": "1C99B578-5DD6-476D-BB75-4DCAD7F79535", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*", "matchCriteriaId": "7C1B2897-79A5-4A5B-9137-7A4B6B85AA84", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*", "matchCriteriaId": "B9E8299D-FA97-483A-8E1B-BA7B869E467D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*", "matchCriteriaId": "9A1B92EC-E83A-43B3-8F14-5C1A52B579B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*", "matchCriteriaId": "789BD987-9DAD-4EAE-93DE-0E267D54F124", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*", "matchCriteriaId": "A3F113C0-00C5-4BC2-B42B-8AE3756252F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*", "matchCriteriaId": "02592D65-2D2C-460A-A970-8A18F9B156ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*", "matchCriteriaId": "457B89CF-C75E-4ED6-8603-9C52BA462A9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*", "matchCriteriaId": "A572A2DC-2DAB-4ABE-8FC2-5AF2340C826F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*", "matchCriteriaId": "2A2DD9C6-BAF5-4DF5-9C14-3478923B2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*", "matchCriteriaId": "BA9CFC70-24CF-4DFA-AEF9-9B5A9DAF837D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*", "matchCriteriaId": "0E06FE04-8844-4409-92D9-4972B47C921B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*", "matchCriteriaId": "99C620F3-40ED-4D7F-B6A1-205E948FD6F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*", "matchCriteriaId": "FBCFE5FB-FAB7-4BF0-90AE-79F9590FD872", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*", "matchCriteriaId": "9C77154A-DBFE-48C3-A274-03075A0DB040", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed."}, {"lang": "es", "value": " Las versiones 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") que podr\u00eda conducir a una lectura arbitraria del sistema de archivos. Un atacante podr\u00eda aprovechar esta vulnerabilidad para obtener acceso a archivos y directorios que se encuentran fuera del directorio restringido. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario y se cambia el alcance."}], "id": "CVE-2024-39406", "lastModified": "2024-09-16T12:15:03.080", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "psirt@adobe.com", "type": "Secondary"}]}, "published": "2024-08-14T12:15:26.243", "references": [{"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@adobe.com", "type": "Secondary"}]}

{}