02/14/2022: Magento Open Source and Adobe Commerce Critical Vulnerability

Comments

2 comments

  • Avatar
    Kirsten Flores

    On February 15, 2022, by 20:00 CDT, Alert Logic released scan coverage to identify this vulnerability. A scan performed after this release will check for the version of Magento, and an exposure will be raised in the Alert Logic console for CVE-2022-24086 if a vulnerable version is found.

    0
    Comment actions Permalink
  • Avatar
    Kirsten Flores

    Since the initial announcement of CVE-2022-24086, a related vulnerability has been added – CVE-2022-24087. Adobe has now released patches for both vulnerabilities. If you originally patched before February 17, 2022, you may need to apply an additional patch to address CVE-2022-24087. This article has been updated to include CVE-2022-24087 and the additional patch recommendation.

    0
    Comment actions Permalink

Please sign in to leave a comment.