Incorrect Authorization Vulnerability in Adobe Commerce
CVE-2025-54263
8.1HIGH
What is CVE-2025-54263?
Adobe Commerce is affected by an Incorrect Authorization vulnerability that allows low-privileged attackers to bypass security measures and obtain unauthorized access to the system. This vulnerability can be exploited without requiring user interaction, which raises significant security concerns for businesses utilizing these affected versions of Adobe Commerce. Prompt action is recommended to ensure systems are updated to mitigate potential risks.
Affected Version(s)
Adobe Commerce 0 <= 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved