Bulletin ID
Last updated on
16 May 2021
Security updates available for Adobe Experience Manager | APSB20-08
|
|
Date Published |
Priority |
|---|---|---|
|
APSB20-08 |
February 11, 2020 |
2 |
Summary
Adobe has released security hotfixes for Adobe Experience Manager (AEM). These hotfixes resolve a vulnerability in AEM versions 6.5 and 6.4 rated Important. Successful exploitation could result in a denial-of-service condition.
Affected product versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Experience Manager |
6.5 6.4 |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
Adobe Experience Manager |
6.5 |
All |
2 |
AEM-6.5.4.0 (Package Share) AEM-6.5.4.0 (Software Distribution) cq-6.5.0-hotfix-31870 (Package Share) 6.5.0-hotfix-31870-1.2 (Software Distribution) |
6.4 |
All |
2 |
AEM-6.4.8.0 (Package Share) AEM-6.4.8.0 (Software Distribution) cq-6.4.0-hotfix-31868 (Package Share) 6.4.0-hotfix-31868-1.2 (Software Distribution) |
Note:
The 6.5 hotfix should be installed on AEM 6.5.3.0
The 6.4 hotfix should be installed on AEM 6.4.7.0
Note:
See here for more information on the new Software Distribution interface.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
Affected Versions |
|---|---|---|---|---|
|
Uncontrolled Resource Consumption |
Denial-of-service |
Important |
CVE-2020-3741 |
AEM 6.4 AEM 6.5 |
Note:
AEM versions 6.3 and below are not impacted by this issue.