Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.
History

Tue, 17 Dec 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe experience Manager
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*
cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*
Vendors & Products Adobe
Adobe experience Manager

Wed, 11 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 10 Dec 2024 22:15:00 +0000

Type Values Removed Values Added
Description Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.
Title Adobe Experience Manager | Improper Authorization (CWE-285)
Weaknesses CWE-285
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-12-10T22:03:46.889Z

Updated: 2024-12-11T17:11:02.272Z

Reserved: 2024-08-15T17:12:15.441Z

Link: CVE-2024-43731

cve-icon Vulnrichment

Updated: 2024-12-11T17:10:58.472Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-10T22:15:08.953

Modified: 2024-12-17T16:10:11.630

Link: CVE-2024-43731

cve-icon Redhat

No data.