Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
adobeAdobeAPSB24-28
HistoryJun 11, 2024 - 12:00 a.m.

APSB24-28 : Security update available for Adobe Experience Manager

2024-06-1100:00:00
helpx.adobe.com
5
adobe
experience manager
security update
vulnerabilities
code execution
file system read
security bypass

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

81.0%

JSON

Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve vulnerabilities rated critical, important and moderate. Successful exploitation of these vulnerabilities could result in arbitrary code execution, arbitrary file system read and security feature bypass.

Affected configurations

Vulners
Node
adobeexperience_managerRange6.5aem_cloud_service
CPENameOperatorVersion
adobe experience manager (aem)le6.5

Related

nessus 1
nvd 48
vulnrichment 57
cve 45
cvelist 48
nessus
nessus
Adobe Experience Manager 6.5.0 < 6.5.21 Multiple Vulnerabilities (APSB24-28)
2024-06-11 00:00:00
nvd
nvd
CVE-2024-36147
2024-06-13 08:16:02
CVE-2024-36196
2024-06-13 08:16:13
CVE-2024-36239
2024-06-13 08:16:23
vulnrichment
vulnrichment
CVE-2024-36197 DOM XSS in `libs/clientlibs/social/commons/toggle/clientlibs/toggle.js`
2024-06-13 07:52:48
CVE-2024-36172 Stored XSS in `bin/wcm/contentfinder/page/view` PageViewHandler.createHit()
2024-06-13 07:52:29
CVE-2024-26058 DOM XSS in `/libs/cq/gui/components/projects/admin/pod/translationjobpod/clientlibs/js/translationjobpod.js`
2024-06-13 07:52:27
cve
cve
CVE-2024-36164
2024-06-13 08:16:06
CVE-2024-36168
2024-06-13 08:16:07
CVE-2024-36172
2024-06-13 08:16:08
cvelist
cvelist
CVE-2024-36196 Stored XSS in `libs/dam/components/scene7/dynamicmedia/clientlibs/dynamicmedia/js/init.js`
2024-06-13 07:53:26
CVE-2024-36162 AMS XSS - /libs/cq/personalization/components/traits/trait.js.jsp
2024-06-13 07:53:05
CVE-2024-26029 Form selector allows directory listing and running of arbitrary resources in libs, bin folders that are not usually accessible
2024-06-13 07:53:02

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

81.0%

JSON
Related for APSB24-28
nessus1nvd48vulnrichment57cve45cvelist48