CVE-2024-46938

HIGH

7.5CVSS v3

—CVSS v2

93.43% EPSS (exploit probability)

CWE-200CWE

Description

An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch?
Ubiquiti	Ubiquiti EdgeRouter X	`—`	—	—	No

External references

NIST NVD
MITRE CVE