CVE-2024-42354 | Shopware up to 6.5.8.12/6.6.5.0 Store-API access control (GHSA-hhcq-ph6w-494g)

Posted by Angelo Barbosa | Aug 8, 2024 | CVE

A vulnerability was found in Shopware up to 6.5.8.12/6.6.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Store-API. The manipulation leads to improper access controls.

This vulnerability is handled as CVE-2024-42354. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42354 | Shopware up to 6.5.8.12/6.6.5.0 Store-API access control (GHSA-hhcq-ph6w-494g)

Related Posts

CVE-2023-51554 | Foxit PDF Reader Signature use after free (ZDI-23-1866)

CVE-2024-32741 | Siemens SIMATIC CN 4100 up to 2.x GRUB hard-coded password (ssa-273900)

CVE-2024-36415 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 unrestricted upload (GHSA-c82f-58jv-jfrh)

CVE-2024-37879 | Friendly SVN up to 1.0.11 /admin/config/save siteTitle/siteIco/siteLogo input validation