admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-223xx/CVE-2025-22384.json
cad-safe-bot a3043036d0 Auto-Update: 2025-01-12T03:00:19.531309+00:00
2025-01-12 03:03:49 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-22384",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-04T02:15:06.937",
"lastModified": "2025-01-06T17:15:47.820",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Optimizely Configured Commerce antes de la versi\u00f3n 5.2.2408. Existe un problema de gravedad media relacionado con la l\u00f3gica empresarial en la aplicaci\u00f3n Commerce B2B, que permite que los visitantes de la tienda compren productos discontinuados en situaciones espec\u00edficas en las que las solicitudes se modifican antes de llegar al servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-472"
}
]
}
],
"references": [
{
"url": "https://support.optimizely.com/hc/en-us/articles/32694560473741-Configured-Commerce-Security-Advisory-COM-2024-02",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink