Main Vulnerability Database Vulnerabilities #VU13629

#VU13629 Server-side request forgery in Adobe Experience Manager - CVE-2018-12809

Published: July 10, 2018

Vulnerability identifier: #VU13629

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-12809

CWE-ID: CWE-918

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Experience Manager

Software vendor:
Adobe

Description

The vulnerability allows a remote user to perform SSRF attack.

The weakness exists due to unspecified error. A remote attacker can perform SSRF attack to bypass network access controls, perform unauthorized connections to local resources and gain access to sensitive information.

Remediation

Install update from vendor's website.

External links

https://helpx.adobe.com//security/products/experience-manager/apsb18-23.html

#VU13629 Server-side request forgery in Adobe Experience Manager - CVE-2018-12809

Description

Remediation

External links

Please verify you're human