Lucene search
AdobeCVELIST:CVE-2020-9733HistorySep 10, 2020 - 4:34 p.m.
CVE-2020-9733 Sensitive information disclosure possible in AEM
2020-09-1016:34:41
CWE-200
adobe
www.cve.org
7
aem
java
servlet
sensitive information
access
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.003
Percentile
68.8%
An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.
CNA Affected
[
{
"product": "Experience Manager",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "6.5.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.4.8.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2020-09-10 17:15:00
nvd
nvd
CVE-2020-9733
2020-09-10 17:15:36
cve
cve
CVE-2020-9733
2020-09-10 17:15:36
nessus
nessus
adobe
adobe
APSB20-56 Security update available for Adobe Experience Manager
2020-09-08 00:00:00
threatpost
threatpost
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
2020-09-08 16:52:23
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.003
Percentile
68.8%
Related for CVELIST:CVE-2020-9733