{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T04:20:11.837","vulnerabilities":[{"cve":{"id":"CVE-2020-24406","sourceIdentifier":"psirt@adobe.com","published":"2020-11-09T01:15:12.880","lastModified":"2024-11-21T05:14:45.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When in maintenance mode, Magento version 2.4.0 and 2.3.4 (and earlier) are affected by an information disclosure vulnerability that could expose the installation path during build deployments. This information could be helpful to attackers if they are able to identify other exploitable vulnerabilities in the environment."},{"lang":"es","value":"Cuando está en modo de mantenimiento, Magento versiones 2.4.0 y 2.3.4 (y anteriores) están afectadas por una vulnerabilidad de divulgación de información que podría exponer la ruta de instalación durante implementaciones de compilación. Esta información podría ser útil para unos atacantes si pueden identificar otras vulnerabilidades explotables en el entorno"}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*","versionEndIncluding":"2.3.4","matchCriteriaId":"53D3B41C-E47D-4F48-BEB9-77FF70D2FB46"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*","versionEndIncluding":"2.3.4","matchCriteriaId":"692B08D3-66EA-455C-A935-7724C06629D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:2.4.0:*:*:*:commerce:*:*:*","matchCriteriaId":"8B564171-2253-412F-B936-8FEA1074BBBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:magento:magento:2.4.0:*:*:*:open_source:*:*:*","matchCriteriaId":"446F9B89-3455-46F4-A7B0-CCA7857E0FC4"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]},{"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}