CVE-2020-3769 - Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
CVSS metrics
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE

Summary
Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (SSRF) vulnerability. Successful exploitation could lead to sensitive information disclosure.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family: Misc.
NASL id: ADOBE_EXPERIENCE_MANAGER_APSB20-31.NASL
Description: The version of Adobe Experience Manager installed on the remote host is 6.1.x, 6.2.x, 6.3.x, 6.4.x prior to 6.4.8.1, or 6.5.x prior to 6.5.5.0. It is, therefore, affected by multiple vulnerabilities:
- An unspecified server-side request forgery (SSRF) that could result in sensitive information disclosure (CVE-2020-9643)
- An unspecified cross-site scripting vulnerability that could result in arbitrary JavaScript execution (CVE-2020-9644, CVE-2020-9647, CVE-2020-9648, CVE-2020-9651)
- An unspecified blind server-side request forgery that could result in sensitive information disclosure (CVE-2020-9645)
Note that Nessus has not tested for these issues but has instead relied only on the application
Last seen: 2020-06-13
Modified: 2020-06-12
Plugin id: 137367
Published: 2020-06-12
Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Source: https://www.tenable.com/plugins/nessus/137367
Title: Adobe Experience Manager 6.1.x < 6.4.8.1 / 6.5.x < 6.5.5.0 (APSB20-32)

NASL family: Misc.
NASL id: ADOBE_EXPERIENCE_MANAGER_APSB20-15.NASL
Description: The version of Adobe Experience Manager installed on the remote host is 6.1.x, 6.2.x, 6.3.x prior to 6.3.3.8, 6.4.x prior to 6.4.8.0, or 6.5.x prior to 6.5.4.0. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability due to insufficient validation of user-supplied input. A remote, unauthenticated attacker can exploit this by sending a crafted HTTP request that tricks the application into initiating requests to arbitrary systems, in order to gain access to sensitive data located on the local network or to send malicious requests to other servers from the vulnerable system.
Note that Nessus has not tested for these issues but has instead relied only on the application
Last seen: 2020-06-13
Modified: 2020-03-20
Plugin id: 134715
Published: 2020-03-20
Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Source: https://www.tenable.com/plugins/nessus/134715
Title: Adobe Experience Manager 6.1.x / 6.2.x / 6.3.x < 6.3.3.8 / 6.4.x < 6.4.8.0 / 6.5.x < 6.5.4.0 (APSB20-15)