Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ADOBE_EXPERIENCE_MANAGER_APSB23-18.NASL
HistoryMar 15, 2023 - 12:00 a.m.

Adobe Experience Manager 6.5.0.0 < 6.5.16.0 Multiple Vulnerabilities (APSB23-18)

2023-03-1500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
JSON

The version of Adobe Experience Manager installed on the remote host is prior to 6.5.16.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-18 advisory.

  • Cross-site Scripting (Reflected XSS) (CWE-79) potentially leading to Arbitrary code execution (CVE-2023-22252, CVE-2023-22253, CVE-2023-22254)

  • URL Redirection to Untrusted Site (‘Open Redirect’) (CWE-601) potentially leading to Security feature bypass (CVE-2023-22256, CVE-2023-22257, CVE-2023-22258, CVE-2023-22259, CVE-2023-22260, CVE-2023-22261, CVE-2023-22262, CVE-2023-22263, CVE-2023-22264, CVE-2023-22265, CVE-2023-22266)

  • Cross-site Scripting (Stored XSS) (CWE-79) potentially leading to Arbitrary code execution (CVE-2023-21615, CVE-2023-21616, CVE-2023-22269)

  • Weak Cryptography for Passwords (CWE-261) potentially leading to Privilege escalation (CVE-2023-22271)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(172583);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/16");

  script_cve_id(
    "CVE-2023-21615",
    "CVE-2023-21616",
    "CVE-2023-22252",
    "CVE-2023-22253",
    "CVE-2023-22254",
    "CVE-2023-22256",
    "CVE-2023-22257",
    "CVE-2023-22258",
    "CVE-2023-22259",
    "CVE-2023-22260",
    "CVE-2023-22261",
    "CVE-2023-22262",
    "CVE-2023-22263",
    "CVE-2023-22264",
    "CVE-2023-22265",
    "CVE-2023-22266",
    "CVE-2023-22269",
    "CVE-2023-22271"
  );
  script_xref(name:"IAVA", value:"2023-A-0144-S");

  script_name(english:"Adobe Experience Manager 6.5.0.0 < 6.5.16.0 Multiple Vulnerabilities (APSB23-18)");

  script_set_attribute(attribute:"synopsis", value:
"The Adobe Experience Manager instance installed on the remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Experience Manager installed on the remote host is prior to 6.5.16.0. It is, therefore, affected by
multiple vulnerabilities as referenced in the APSB23-18 advisory.

  - Cross-site Scripting (Reflected XSS) (CWE-79) potentially leading to Arbitrary code execution
    (CVE-2023-22252, CVE-2023-22253, CVE-2023-22254)

  - URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) potentially leading to Security feature
    bypass (CVE-2023-22256, CVE-2023-22257, CVE-2023-22258, CVE-2023-22259, CVE-2023-22260, CVE-2023-22261,
    CVE-2023-22262, CVE-2023-22263, CVE-2023-22264, CVE-2023-22265, CVE-2023-22266)

  - Cross-site Scripting (Stored XSS) (CWE-79) potentially leading to Arbitrary code execution
    (CVE-2023-21615, CVE-2023-21616, CVE-2023-22269)

  - Weak Cryptography for Passwords (CWE-261) potentially leading to Privilege escalation (CVE-2023-22271)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://helpx.adobe.com/security/products/experience-manager/apsb23-18.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cffad5e2");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Experience Manager version 6.5.16.0 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-22269");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(79, 261, 601);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/03/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/15");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:experience_manager");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("adobe_experience_manager_http_detect.nbin");
  script_require_keys("installed_sw/Adobe Experience Manager");

  exit(0);
}

include('vcf.inc');
include('http.inc');

var port = get_http_port(default:4502);
var app_info = vcf::get_app_info(app:'Adobe Experience Manager', port:port);

vcf::check_granularity(app_info:app_info, sig_segments:2);

var constraints = [
  { 'min_version' : '6.5.0.0', 'fixed_version' : '6.5.16.0' }
];
vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_WARNING,
    flags:{'xss':TRUE}
);
VendorProductVersionCPE
adobeexperience_managercpe:/a:adobe:experience_manager

References

Related

adobe 1
prion 18
cvelist 18
cnvd 18
cve 18
adobe
adobe
APSB23-18 : Security update available for Adobe Experience Manager
2023-03-14 00:00:00
prion
prion
Open redirect
2023-03-22 17:15:00
Cross site scripting
2023-03-22 17:15:00
Security feature bypass
2023-03-22 17:15:00
cvelist
cvelist
CVE-2023-22266 AEM URL Redirection to Untrusted Site Security feature bypass
2023-03-22 00:00:00
CVE-2023-22261 AEM URL Redirection to Untrusted Site Security feature bypass
2023-03-22 00:00:00
CVE-2023-22269 AEM Reflected XSS Arbitrary code execution
2023-03-22 00:00:00
cnvd
cnvd
Adobe Experience Manager Encryption Issue Vulnerability
2023-03-17 00:00:00
Adobe Experience Manager URL Redirection Vulnerability (CNVD-2023-45911)
2023-03-17 00:00:00
Adobe Experience Manager URL redirection vulnerability (CNVD-2023-45907)
2023-03-17 00:00:00
cve
cve
CVE-2023-22269
2023-03-22 17:15:14
CVE-2023-22261
2023-03-22 17:15:14
CVE-2023-22263
2023-03-22 17:15:14
JSON
Related for ADOBE_EXPERIENCE_MANAGER_APSB23-18.NASL
adobe1prion18cvelist18cnvd18cve18