CVE Vulnerabilities

CVE-2024-46938

Published: Sep 15, 2024 | Modified: Sep 20, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files.

Affected Software

Name Vendor Start Version End Version
Experience_commerce Sitecore 8.0 (including) 10.4 (including)
Experience_manager Sitecore 8.0 (including) 10.4 (including)
Experience_platform Sitecore 8.0 (including) 10.4 (including)

References