Bulletin ID
Last updated on
16 May 2021
Security updates available for Adobe Experience Manager | APSB20-15
|
|
Date Published |
Priority |
|---|---|---|
|
APSB20-15 |
March 17, 2020 |
2 |
Summary
Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve a vulnerability in AEM versions 6.5 and below rated Important. Successful exploitation could result in sensitive information disclosure.
Affected product versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Experience Manager |
6.5 and earlier versions |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
Adobe Experience Manager |
6.5 |
All |
2 |
Releases and Updates |
6.4 |
All |
2 |
||
| 6.3 | All | 2 | Releases and Updates |
Note:
Please contact Adobe customer care for assistance with earlier AEM versions.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
Affected Versions |
Release Notes |
|---|---|---|---|---|---|
|
Server-side request forgery (SSRF) |
Sensitive Information Disclosure |
Important |
CVE-2020-3769 |
AEM 6.1 AEM 6.2 AEM 6.3 AEM 6.4 AEM 6.5 |
Acknowledgments
Adobe would like to thank Mikhail Egorov (CVE-2020-3769) for reporting this issue and for working with Adobe to help protect our customers.
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online