CVE-2020-24444
5.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Summary
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems that reside on the same network.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Adobe | Experience Manager | <= Forms SP6 add-on for AEM 6.5.6.0 | affected |
| Adobe | Experience Manager | <= Forms SP8 add-on for AEM 6.4.8.2 | affected |
| Adobe | Experience Manager | <= None | affected |
Weaknesses
- CWE-918: Server-Side Request Forgery (SSRF) (CWE-918)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.