CVE-2018-12807

MEDIUM

Adobe Experience Manager <6.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an input validation bypass vulnerability. Successful exploitation could lead to unauthorized information modification.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041470
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105068

Scores

CVSS v3 5.3
EPSS 0.0490
EPSS Percentile 91.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-20
Status published
Products (2)
adobe/experience_manager 6.3.2.1
adobe/experience_manager 6.1.2.1 - 6.1.2.16
Published Aug 29, 2018
Tracked Since Feb 18, 2026