An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sitecore
Sitecore experience Commerce Sitecore experience Manager Sitecore experience Platform |
|
Weaknesses | CWE-200 | |
CPEs | cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:* cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:* cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Sitecore
Sitecore experience Commerce Sitecore experience Manager Sitecore experience Platform |
|
Metrics |
cvssV3_1
|
Sun, 15 Sep 2024 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-15T00:00:00
Updated: 2024-09-17T15:06:07.924Z
Reserved: 2024-09-15T00:00:00
Link: CVE-2024-46938
Vulnrichment
Updated: 2024-09-17T15:06:02.630Z
NVD
Status : Awaiting Analysis
Published: 2024-09-15T22:15:09.830
Modified: 2024-09-17T15:35:10.980
Link: CVE-2024-46938
Redhat
No data.