PT-2021-3427 · Adobe · Experience Manager
Published
2021-05-11
·
Updated
2022-10-21
·
CVE-2021-21083
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe Experience Manager versions 6.3.3.8 and earlier
Adobe Experience Manager versions 6.4.8.3 and earlier
Adobe Experience Manager versions 6.5.7.0 and earlier
Adobe Experience Manager Cloud Service
Description
The issue is related to improper access control in the system, which can be exploited by an unauthenticated attacker to cause a denial-of-service attack. This can be done remotely.
Recommendations
For Adobe Experience Manager versions 6.3.3.8 and earlier, update to a version that includes the fix for the improper access control issue.
For Adobe Experience Manager versions 6.4.8.3 and earlier, update to a version that includes the fix for the improper access control issue.
For Adobe Experience Manager versions 6.5.7.0 and earlier, update to a version that includes the fix for the improper access control issue.
For Adobe Experience Manager Cloud Service, apply the necessary configuration changes or updates provided by Adobe to address the improper access control issue.
Fix
DoS
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Experience Manager