Denial of Service Vulnerability in Aimeos E-commerce Framework
CVE-2024-47173

Currently unrated

Key Information:

Vendor: Aimeos
Status: Aimeos GraphQL API
Vendor: CVE Published:; 24 October 2024

What is CVE-2024-47173?

A vulnerability in the Aimeos e-commerce framework's GraphQL API admin interface opens the door to potential denial of service attacks. This affects SaaS and marketplace setups running versions 2024.04 through 2024.07.1. Users with these versions are advised to upgrade to 2024.07.2 or later to mitigate the risk. This vulnerability could disrupt service availability, emphasizing the importance of timely updates for maintaining security in e-commerce applications.

References

https://github.com/aimeos/ai-admin-graphql/security/advis...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 24, 2024