CVE-2024-37294

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-37294
Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to receive a patch.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/aimeos/aimeos-core/security/advisories/GHSA-xjm6-jfmg-qc6p
Configurations

No configuration.

History

No history.

Information

Published : 2024-06-11 15:16

Updated : 2024-06-13 18:36

NVD link : CVE-2024-37294

Mitre link : CVE-2024-37294

CVE.ORG link : CVE-2024-37294

JSON object : View

Products Affected

No product.

CWE
CWE-270

Privilege Context Switching Error