Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user interaction.
History

Thu, 12 Dec 2024 22:00:00 +0000

Type Values Removed Values Added
Description Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or user's privacy. Exploitation of this issue does not require user interaction. Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user interaction.

Thu, 12 Dec 2024 18:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Thu, 12 Dec 2024 17:30:00 +0000

Type Values Removed Values Added
Description Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or user's privacy. Exploitation of this issue does not require user interaction.
Title Adobe Experience Manager | Improper Access Control (CWE-284) Adobe Experience Manager | Information Exposure (CWE-200)
Weaknesses CWE-200

Tue, 03 Dec 2024 22:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*
cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*

Mon, 07 Oct 2024 13:45:00 +0000

Type Values Removed Values Added
Title AMS - /bin/wcm/contentfinder/asset/view?itemResourceType (not fixed - report 1847219) Adobe Experience Manager | Improper Access Control (CWE-284)

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-03-18T17:54:30.681Z

Updated: 2024-12-12T21:50:26.471Z

Reserved: 2024-02-14T17:37:23.405Z

Link: CVE-2024-26119

cve-icon Vulnrichment

Updated: 2024-08-01T23:59:32.649Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-18T18:15:19.000

Modified: 2024-12-13T20:00:50.237

Link: CVE-2024-26119

cve-icon Redhat

No data.