5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-22250

GHSA ID

GHSA-4h7p-4vq8-g2gh

EPSS Score

0.12951%

CWE

CWE-284

Published

3/27/2023

Updated

3/4/2025

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-22250

CVE-2023-22250: Magento Open Source allows Improper Access Control

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-22250

GHSA ID

GHSA-4h7p-4vq8-g2gh

EPSS Score

0.12951%

CWE

CWE-284

Published

3/27/2023

Updated

3/4/2025

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
magento/community-edition	composer	>= 2.4.4-p1, < 2.4.4-p3	2.4.4-p3
magento/community-edition	composer	= 2.4.4
magento/community-edition	composer	= 2.4.5
magento/community-edition	composer	= 2.4.5-p1	2.4.5-p2
magento/project-community-edition	composer	<= 2.0.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

**o** *omm*r** v*rsions *.*.*-p* (*n* **rli*r) *n* *.*.*-p* (*n* **rli*r) *r* *****t** *y *n Improp*r ****ss *ontrol vuln*r**ility t**t *oul* r*sult in * S**urity ***tur* *yp*ss. *n *tt**k*r *oul* l*v*r*** t*is vuln*r**ility to imp**t t** *v*il**ilit

Reasoning

No *n*lysis *v*il**l*

5.3

Basic Information

Concerned about an active attack path?

CVE-2023-22250: Magento Open Source allows Improper Access Control

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI