Bulletin ID
Security update available for Adobe Commerce | APSB23-17
|
Date Published |
Priority |
---|---|---|
APSB23-17 |
March 14, 2023 |
3 |
Summary
Affected Versions
Product | Version | Platform |
---|---|---|
Adobe Commerce |
2.4.4-p2 and earlier versions |
All |
2.4.5-p1 and earlier version |
All |
|
Magento Open Source | 2.4.4-p2 and earlier versions |
All |
2.4.5-p1 and earlier version |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version.
Product | Updated Version | Platform | Priority Rating | Installation Instructions |
---|---|---|---|---|
Adobe Commerce |
2.4.6, 2.4.5-p2, 2.4.4-p3 |
All |
3 | 2.4.x release notes |
Magento Open Source |
2.4.6, 2.4.5-p2, 2.4.4-p3 |
All |
3 |
Vulnerability Details
Vulnerability Category | Vulnerability Impact | Severity | Authentication required to exploit? | Exploit requires admin privileges? |
CVSS base score |
CVSS vector |
CVE number(s) |
---|---|---|---|---|---|---|---|
XML Injection (aka Blind XPath Injection) (CWE-91) |
Arbitrary file system read |
Critical | No | No | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
CVE-2023-22247 |
Cross-site Scripting (Stored XSS) (CWE-79) |
Arbitrary code execution |
Important | Yes | Yes | 4.8 | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
CVE-2023-22249 |
Improper Access Control (CWE-284) |
Security feature bypass |
Important | No | No | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
CVE-2023-22250 |
Improper Authorization (CWE-285) |
Security feature bypass |
Moderate | No | No | 3.1 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
CVE-2023-22251 |
Authentication required to exploit: The vulnerability is (or is not) exploitable without credentials.
Exploit requires admin privileges: The vulnerability is (or is not) only exploitable by an attacker with administrative privileges.
Acknowledgements
Adobe would like to thank the following researchers for reporting this issue and working with Adobe to help protect our customers:
- Ricardo Iramar dos Santos -- CVE-2023-22247
- linoskoczek (linoskoczek) -- CVE-2023-22249
- wash0ut (wash0ut) -- CVE-2023-22250
- Theis Corfixen (corfixen) -- CVE-2023-22251
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.