CVE-2017-3110Sensitive Information Exposure in Adobe Experience Manager

CWE-200Sensitive Information Exposure5 documents3 sources
Severity
7.5HIGHNVD
EPSS
9.6%
top 7.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Experience ManagerAdobe Systems Incorporated Experience Manager
Timeline
PublishedAug 11
Latest updateMay 17

Description

Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5adobe_systems_incorporated/experience_managerAEM 6.1 and earlier

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-92xw-3r5f-g37v: Adobe Experience Manager 62022-05-17

💬Community

3
Bugzilla
CVE-2017-15086 samba: SMB2 connections don't keep encryption across DFS redirects (incomplete fix of CVE-2017-12151)2017-10-24
Bugzilla
CVE-2017-15087 samba: Server memory information leak over SMB1 (incomplete fix for CVE-2017-12163)2017-10-24
Bugzilla
CVE-2017-15085 samba: Some code path don't enforce smb signing, when they should (incomplete fix of CVE-2017-12150)2017-10-24
CVE-2017-3110 — Sensitive Information Exposure in Adobe | cvebase