CVE-2024-26063 MEDIUM

CVE-2024-26063: Adobe Experience Manager | Information Exposure (CWE-200)

Vendor Adobe
Product Adobe Experience Manager
Weakness CWE-200 · Info exposure
Published March 18, 2024
Last update October 7, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exploitation of this issue does not require user interaction.

Key dates

02Disclosure timeline

March 18, 2024 CVE published
October 7, 2024 Record updated