CVE-2016-0956

7.5HIGH

Key Information:

Vendor: Apache
Status: Sling
Vendor: CVE Published:; 10 February 2016

Summary

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.

References

http://seclists.org/fulldisclosure/2016/Feb/48

mailing-listx_refsource_FULLDISC

https://helpx.adobe.com/security/products/experience-mana...

x_refsource_CONFIRM

http://www.securityfocus.com/archive/1/537498/100/0/threaded

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 10, 2016
Vulnerability Reserved
Dec 22, 2015