Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/magento/apsb21-08.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: adobe
Published: 2021-02-09T00:00:00
Updated: 2021-02-11T19:29:31
Reserved: 2020-12-18T00:00:00
Link: CVE-2021-21020
JSON object: View
NVD Information
Status : Modified
Published: 2021-02-11T20:15:14.187
Modified: 2023-11-07T03:29:16.733
Link: CVE-2021-21020
JSON object: View
Redhat Information
No data.
CWE