CVE-2017-3067

CWE-200 — Information Exposure3 documents3 sources

Severity

7.5HIGH

EPSS

4.5%

top 10.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Experience Manager Forms

Timeline

PublishedMay 9

Latest updateMay 17

Description

Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDadobe/experience_manager_forms6.0, 6.1, 6.2+2

🔴Vulnerability Details

GHSA

GHSA-p56m-rmx6-qqvf: Adobe Experience Manager Forms versions 6↗2022-05-17

▶

CVEList

CVE-2017-3067: Adobe Experience Manager Forms versions 6↗2017-05-09

▶