Описание
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.5.22.0 (исключая)Версия до 2024.11.0 (исключая)
Одно из
cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*
cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*
EPSS
Процентиль: 36%
0.00152
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
около 1 года назад
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.
EPSS
Процентиль: 36%
0.00152
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo