How severe is CVE-2025-24430?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2025-24430?

This is classified as CWE-367, which is a common weakness in software security.

CVE-2025-24430 - LOW Severity | CVSS 3.7

Vulnerability Description

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.

Related Vulnerabilities

CVE-2022-45809

LOW

CVSS:3.7(Low)

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.0.0.

CWE-3672022

CVE-2022-45842

LOW

CVSS:3.7(Low)

Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.

CWE-3672022

CVE-2025-24432

LOW

CVSS:3.7(Low)

CWE-3672025

CVE-2022-24413

LOW

CVSS:3.6(Low)

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to d...

CWE-3672022

CVE-2023-44128

LOW

CVSS:3.6(Low)

he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies") app. The app contains the exported "com.lge.lginstallservies.InstallService" service that exposes an AIDL...

CWE-3672023

CVE-2023-6803

MEDIUM

CVSS:4.0(Medium)

A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server si...

CWE-3672023