Bulletin ID
Last updated on
May 16, 2021
Security updates available for Adobe Experience Manager | APSB20-15
|
|
Date Published |
Priority |
|---|---|---|
|
APSB20-15 |
March 17, 2020 |
2 |
Summary
Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve a vulnerability in AEM versions 6.5 and below rated Important. Successful exploitation could result in sensitive information disclosure.
Affected product versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Experience Manager |
6.5 and earlier versions |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
Adobe Experience Manager |
6.5 |
All |
2 |
Releases and Updates |
6.4 |
All |
2 |
||
| 6.3 | All | 2 | Releases and Updates |
Note:
Please contact Adobe customer care for assistance with earlier AEM versions.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
Affected Versions |
Release Notes |
|---|---|---|---|---|---|
|
Server-side request forgery (SSRF) |
Sensitive Information Disclosure |
Important |
CVE-2020-3769 |
AEM 6.1 AEM 6.2 AEM 6.3 AEM 6.4 AEM 6.5 |
Acknowledgments
Adobe would like to thank Mikhail Egorov (CVE-2020-3769) for reporting this issue and for working with Adobe to help protect our customers.