U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-34102

Change History

Initial Analysis by NIST 7/09/2024 12:00:38 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.2:ext-1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.2:ext-2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.2:ext-3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.3:ext-1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.3:ext-2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.3:ext-3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*
     *cpe:2.3:a:adobe:commerce_webhooks:*:*:*:*:*:*:*:* versions from (including) 1.2.0 up to (including) 1.4.0
     *cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*
     *cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*
Changed Reference Type
https://helpx.adobe.com/security/products/magento/apsb24-40.html No Types Assigned
https://helpx.adobe.com/security/products/magento/apsb24-40.html Vendor Advisory
Changed Reference Type
https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 No Types Assigned
https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 Exploit, Technical Description, Third Party Advisory