Sensitive Token Exposure in Adobe Experience Manager
CVE-2017-3111

7.5HIGH

Key Information:

Vendor

Adobe
Status
Adobe Experience Manager 6.3, 6.2, 6.1, 6.0
Vendor
CVE Published:
9 December 2017

What is CVE-2017-3111?

An issue has been identified in Adobe Experience Manager where sensitive tokens may be inadvertently included in HTTP GET requests under specific conditions. This exposure can lead to unauthorized access to sensitive information, making it critical for affected users to implement security measures to safeguard their data. Security professionals are advised to promptly assess and mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adobe Experience Manager 6.3, 6.2, 6.1, 6.0 Adobe Experience Manager 6.3, 6.2, 6.1, 6.0

References

http://www.securitytracker.com/id/1039800
vdb-entryx_refsource_SECTRACK
https://helpx.adobe.com/security/products/experience-mana...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101843
vdb-entryx_refsource_BID

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.