VYPR
Moderate severityNVD Advisory· Published Feb 15, 2024· Updated Aug 1, 2024

Force high-usage of resources by generating unlimited coupons: Adobe Commerce

CVE-2024-20716

Description

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application to slow down or crash. Exploitation of this issue does not require user interaction.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
magento/community-editionPackagist
>= 2.4.6-p1, < 2.4.6-p42.4.6-p4
magento/community-editionPackagist
>= 2.4.5-p1, < 2.4.5-p62.4.5-p6
magento/community-editionPackagist
>= 2.4.4-p1, < 2.4.4-p72.4.4-p7
magento/project-community-editionPackagist
<= 2.0.2

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.