- Bulletin ID: APSB24-90
- Published: November 12, 2024
- Priority: 3
- Severity: Critical
- CVE Count: 1
Affected Versions
- Adobe Commerce and Magento Open Source powered by Commerce Services and deployed as SaaS (software as a service). (Commerce Services Connector): 3.2.5 and earlier
Vulnerability Details
Total Vulnerabilities: 1
Severity Breakdown:
Key Vulnerabilities:
1. CVE-2024-49521
- Category: Server-Side Request Forgery (SSRF) (CWE-918)
- Impact: Arbitrary code execution
- Severity: Critical
- CVSS Score: 7.7
- Authentication Required: Yes
CVE Identifiers
CVE-2024-49521
Read Full Bulletin on Adobe Security Portal →