CVE-2020-24405 - CERT CVE

  1. CVE-2020-24405

ID CVE-2020-24405
Sažetak Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:L/Au:S/C:N/I:P/A:N
Zadnje važnije ažuriranje 21-10-2022 - 18:57
Objavljeno 09-11-2020 - 01:15