Adobe Experience Manager 6.4/6.5 Code Execution weak authentication – Digitalmunition




Exploit/Advisories Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on August 17th, 2019 📆 | 6741 Views ⚑

0

Adobe Experience Manager 6.4/6.5 Code Execution weak authentication

CVSS Meta Temp ScoreCurrent Exploit Price (≈)
6.0$0-$5k

A vulnerability was found in Adobe Experience Manager 6.4/6.5 (Content Management System). It has been declared as critical. This vulnerability affects some unknown processing. The manipulation with an unknown input leads to a weak authentication vulnerability (Code Execution). The CWE definition for the vulnerability is CWE-287. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was disclosed 08/16/2019 as APSB19-42 as confirmed security bulletin (Website). The advisory is shared for download at helpx.adobe.com. This vulnerability was named CVE-2019-7964 since 02/12/2019. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.

Upgrading eliminates this vulnerability.

Type

Vendor

Name

VulDB Meta Base Score: 6.3
VulDB Meta Temp Score: 6.0

VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔒
VulDB Reliability: 🔍

AVACAuCIA
🔍🔍🔍🔍🔍🔍
🔍🔍🔍🔍🔍🔍
🔍🔍🔍🔍🔍🔍
VectorComplexityAuthenticationConfidentialityIntegrityAvailability
unlockunlockunlockunlockunlockunlock
unlockunlockunlockunlockunlockunlock
unlockunlockunlockunlockunlockunlock


VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Weak authentication / Code Execution (CWE-287)
Local: No
Remote: Yes

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

02/12/2019 CVE assigned
08/16/2019 +185 days Advisory disclosed
08/17/2019 +1 days VulDB entry created
08/17/2019 +0 days VulDB last updateVendor: adobe.com

Advisory: APSB19-42
Status: Confirmed

CVE: CVE-2019-7964 (🔒)

Created: 08/17/2019 08:42 AM
Complete: 🔍

Comments

No comments yet. Please log in to comment.

Download it now for free!

https://vuldb.com/?id.140272

Tagged with:



Leave a Reply