Adobe Experience Manager 6.4/6.5 Code Execution weak authentication

A vulnerability was found in Adobe Experience Manager 6.4/6.5 (Content Management System). It has been declared as critical. This vulnerability affects some unknown processing. The manipulation with an unknown input leads to a weak authentication vulnerability (Code Execution). The CWE definition for the vulnerability is CWE-287. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was disclosed 08/16/2019 as APSB19-42 as confirmed security bulletin (Website). The advisory is shared for download at helpx.adobe.com. This vulnerability was named CVE-2019-7964 since 02/12/2019. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.

Upgrading eliminates this vulnerability.

Type

• Content Management System

Vendor

• Adobe

Name

• Experience Manager

• 🔒
• 🔒

• 🔒
• 🔒

VulDB Meta Base Score: 6.3
VulDB Meta Temp Score: 6.0

VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Weak authentication / Code Execution (CWE-287)
Local: No
Remote: Yes

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

02/12/2019 CVE assigned
08/16/2019 +185 days Advisory disclosed
08/17/2019 +1 days VulDB entry created
08/17/2019 +0 days VulDB last updateVendor: adobe.com

Advisory: APSB19-42
Status: Confirmed

CVE: CVE-2019-7964 (🔒)

Created: 08/17/2019 08:42 AM
Complete: 🔍

Comments