Posted on

Magento up to 2.1.17/2.2.8/2.3.1 Access Control REST API Call privilege escalation

A vulnerability was found in Magento up to 2.1.17/2.2.8/2.3.1. It has been declared as critical. This vulnerability affects an unknown functionality of the component Access Control. Upgrading to version 2.1.18, 2.2.9 or 2.3.2 eliminates this vulnerability.