{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T15:37:48.985","vulnerabilities":[{"cve":{"id":"CVE-2023-38208","sourceIdentifier":"psirt@adobe.com","published":"2023-08-09T08:15:09.563","lastModified":"2024-11-21T08:13:05.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.4","matchCriteriaId":"76AAB57F-7723-44E0-B91A-9F120C849AC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*","matchCriteriaId":"D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*","matchCriteriaId":"4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*","matchCriteriaId":"D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*","matchCriteriaId":"CFEBDDF2-6443-4482-83B2-3CD272CF599F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*","matchCriteriaId":"6661093F-8D22-450F-BC6C-A8894A52E6A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*","matchCriteriaId":"9B07F7B2-E915-4EFF-8FFC-91143CEF082E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*","matchCriteriaId":"7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*","matchCriteriaId":"8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*","matchCriteriaId":"B6318F97-E59A-4425-8DC7-045C78A644F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*","matchCriteriaId":"7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*","matchCriteriaId":"D6086841-C175-46A1-8414-71C6163A0E7A"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/magento/apsb23-42.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]},{"url":"https://helpx.adobe.com/security/products/magento/apsb23-42.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}