CVE-2019-8081 โ€” Sensitive Information Exposure in Adobe Experience Manager

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
4.6%
top 10.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Experience ManagerAdobe Experience Manager
Timeline
PublishedOct 25
Latest updateMay 24

Description

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

โ–ถNVDadobe/experience_manager4 versions+3
โ–ถCVEListV5adobe/adobe_experience_manager6.5, 6.4, 6.3, 6.2

๐Ÿ”ดVulnerability Details

1
GHSA
GHSA-ppg5-jv44-479j: Adobe Experience Manager versions 6โ†—2022-05-24
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
rConfig 3.9.3 - Authenticated Remote Code Executionโ†—2020-01-30
โ–ถ
CVE-2019-8081 โ€” Sensitive Information Exposure in Adobe | cvebase