Adobe Experience Manager Vulnerability Could Lead to Security Feature Bypass
CVE-2024-43755

3.5LOW

Key Information:

Vendor: Adobe
Status: Adobe Experience Manager
Vendor: CVE Published:; 10 December 2024

Summary

Adobe Experience Manager, specifically versions 6.5.21 and earlier, is susceptible to an Improper Input Validation vulnerability that allows an attacker to circumvent established security features. This vulnerability necessitates user interaction to exploit, requiring the target person to inadvertently open a malicious file. Successful exploitation could lead to unauthorized access to sensitive information and functionalities, undermining the integrity of the application. Organizations using these affected versions should take immediate action to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Adobe Experience Manager 0 <= 6.5.21

References

https://helpx.adobe.com/security/products/experience-mana...

vendor-advisory

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 10, 2024