CVE-2017-3111 โ€” Sensitive Information Exposure in Adobe Experience Manager

CWE-200 โ€” Sensitive Information Exposure8 documents3 sources
Severity
7.5HIGHNVD
EPSS
9.6%
top 7.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Experience Manager
Timeline
PublishedDec 9
Latest updateMay 17

Description

An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

โ–ถNVDadobe/experience_manager6.1.0, 6.2.0+1

๐Ÿ”ดVulnerability Details

1
GHSA
GHSA-hj9w-rhc7-6m8g: An issue was discovered in Adobe Experience Manager 6โ†—2022-05-17
โ–ถ

๐Ÿ’ฌCommunity

6
Bugzilla
CVE-2017-13741 liblouis: Use-after-free in the function compileBrailleIndicator()โ†—2017-09-06
โ–ถ
Bugzilla
CVE-2017-13738 liblouis: Illegal address access in the _lou_getALine functionโ†—2017-09-06
โ–ถ
Bugzilla
CVE-2017-13740 liblouis: Stack-buffer overflow in the parseChars() functionโ†—2017-09-06
โ–ถ
Bugzilla
CVE-2017-13742 liblouis: Stack-buffer overflow in the function includeFile()โ†—2017-09-06
โ–ถ
Bugzilla
CVE-2017-13743 liblouis: Buffer overflow in the function _lou_showString()โ†—2017-09-06
โ–ถ
CVE-2017-3111 โ€” Sensitive Information Exposure in Adobe | cvebase