CVE-2025-46889

Summary

Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized elevated access. Exploitation of this issue does not require user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeAdobe Experience Manager0 <= 6.5.22affected

Weaknesses

  • CWE-284: Improper Access Control (CWE-284)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References