4.3
CVSSv2

CVE-2020-24406

Published: 09/11/2020 Updated: 12/11/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.7 | Impact Score: 1.4 | Exploitability Score: 2.2
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

When in maintenance mode, Magento version 2.4.0 and 2.3.4 (and previous versions) are affected by an information disclosure vulnerability that could expose the installation path during build deployments. This information could be helpful to attackers if they are able to identify other exploitable vulnerabilities in the environment.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

magento magento

magento magento 2.4.0

Vendor Advisories

<!-- version component --> Security Updates Available for Magento | APSB20-59 Bulletin ID Date Published Priority ASPB20-59 October 15th, 2020       2 ...