COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-24086

CVE-2022-24086

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-02-15
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-24086
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.

Players implicated

Adobe · vendorCommerce and Magento Open Source · product

Description

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.

Affected FedRAMP products 8 in the catalog

ProductProviderStatusMatch
Adobe Acrobat Sign for Government Adobe Authorized vendor-exact · 0.90
Adobe Analytics Adobe Authorized vendor-exact · 0.90
Adobe Campaign Adobe Authorized vendor-exact · 0.90
Adobe Connect Managed Services (ACMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Creative Cloud for Enterprise Adobe Authorized vendor-exact · 0.90
Adobe Document Cloud (PDF Services & Adobe Sign) Adobe Authorized vendor-exact · 0.90
Adobe Experience Manager Managed Services (AEMMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Learning Manager Adobe Authorized vendor-exact · 0.90