PT-2016-4486 · Apache+1 · Apache Sling+1

Ateeq Khan

Published

2016-02-10

Updated

2022-05-14

CVE-2016-0956

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache Sling versions 2.3.6 Adobe Experience Manager versions 5.6.1, 6.0.0, 6.1.0

Description The issue allows remote attackers to obtain sensitive information via unspecified vectors.

Recommendations For Apache Sling version 2.3.6, update to a version that contains a fix for this issue. For Adobe Experience Manager versions 5.6.1, 6.0.0, 6.1.0, update to a version that contains a fix for this issue.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-0956

GHSA-M27M-628V-XXP2

Affected Products

Experience Manager

Apache Sling

PT-2016-4486 · Apache+1 · Apache Sling+1

CVE-2016-0956

Weakness Enumeration

Related Identifiers

Affected Products

References · 8