1. CVE-Search
  2. CVE-2018-12809
ID CVE-2018-12809
Summary Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:experience_manager:5.6:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:5.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:5.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:5.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:5.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.1.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.1.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp1:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp1:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp10:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp10:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp11:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp11:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp12.1:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp12.1:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp13:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp13:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp14:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp14:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp15:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp15:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp16:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp16:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp17:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp17:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp18:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp18:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp19:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp19:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp2:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp2:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp20:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp20:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp3:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp3:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp4:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp4:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp5:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp5:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp6:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp6:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp7:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp7:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp8:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp8:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp9:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.0:sp1-cfp9:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.2.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.2.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.3.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.3.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:experience_manager:6.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:experience_manager:6.4.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 17-09-2018 - 17:29)
Impact:
Exploitability:
CWE CWE-918
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 104702
confirm https://helpx.adobe.com/security/products/experience-manager/apsb18-23.html
Last major update 17-09-2018 - 17:29
Published 20-07-2018 - 19:29
Last modified 17-09-2018 - 17:29
Back to Top