Adobe Experience Manager Improper Access Control Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability allowing improper access control has been identified in Adobe Experience Manager (AEM) versions 6.5.22 and earlier. This vulnerability could lead to privilege escalation, where a low-privileged attacker bypasses security measures to gain unauthorized elevated access. Notably, exploitation of this issue does not require user interaction.

Impact

Exploitation of this vulnerability could allow a low-privileged attacker to bypass access controls and gain unauthorized elevated privileges within the application.

Added: Jun 11, 2025, 3:49 AM

Updated: Jun 11, 2025, 3:49 AM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

5.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

5.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe Experience Manager Improper Access Control Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

Adobe Experience Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating