Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user interaction.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or user's privacy. Exploitation of this issue does not require user interaction. | Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user interaction. |
Thu, 12 Dec 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 |
Thu, 12 Dec 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. | Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or user's privacy. Exploitation of this issue does not require user interaction. |
Title | Adobe Experience Manager | Improper Access Control (CWE-284) | Adobe Experience Manager | Information Exposure (CWE-200) |
Weaknesses | CWE-200 |
Tue, 03 Dec 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* |
Mon, 07 Oct 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | AMS - /bin/wcm/contentfinder/asset/view?itemResourceType (not fixed - report 1847219) | Adobe Experience Manager | Improper Access Control (CWE-284) |
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-03-18T17:54:30.681Z
Updated: 2024-12-12T21:50:26.471Z
Reserved: 2024-02-14T17:37:23.405Z
Link: CVE-2024-26119
Vulnrichment
Updated: 2024-08-01T23:59:32.649Z
NVD
Status : Analyzed
Published: 2024-03-18T18:15:19.000
Modified: 2024-12-13T20:00:50.237
Link: CVE-2024-26119
Redhat
No data.