{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T16:36:07.168","vulnerabilities":[{"cve":{"id":"CVE-2023-38209","sourceIdentifier":"psirt@adobe.com","published":"2023-08-09T08:15:09.660","lastModified":"2024-11-21T08:13:05.447","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.4","matchCriteriaId":"76AAB57F-7723-44E0-B91A-9F120C849AC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*","matchCriteriaId":"D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*","matchCriteriaId":"4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*","matchCriteriaId":"D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*","matchCriteriaId":"CFEBDDF2-6443-4482-83B2-3CD272CF599F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*","matchCriteriaId":"6661093F-8D22-450F-BC6C-A8894A52E6A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*","matchCriteriaId":"9B07F7B2-E915-4EFF-8FFC-91143CEF082E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*","matchCriteriaId":"7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*","matchCriteriaId":"8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*","matchCriteriaId":"B6318F97-E59A-4425-8DC7-045C78A644F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*","matchCriteriaId":"7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*","matchCriteriaId":"D6086841-C175-46A1-8414-71C6163A0E7A"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/magento/apsb23-42.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]},{"url":"https://helpx.adobe.com/security/products/magento/apsb23-42.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}