Primary

Context

Adobe Experience Manager Improper Input Validation Vulnerability Allowing Security Feature Bypass

Vulnerability

Patched

A vulnerability allowing security feature bypass through improper input validation has been identified in Adobe Experience Manager (AEM) versions 6.5.23.0 and earlier. This vulnerability could be exploited by a low-privileged attacker to bypass security measures and gain unauthorized read access.

Impact

Exploitation of this vulnerability could lead to unauthorized read access by bypassing security features.

Remediation

Users are advised to update to Adobe Experience Manager 6.5.23 (GRANITE-61551 Hotfix) or AEM Cloud Service Release 2025.9. For assistance with AEM versions 6.4, 6.3, and 6.2, please contact Adobe customer care.

Added: Sep 9, 2025, 6:24 PM

Updated: Sep 9, 2025, 6:24 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

5.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

5.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe Experience Manager Improper Input Validation Vulnerability Allowing Security Feature Bypass

Vulnerability

Impact

Remediation

Affected Products

Adobe Experience Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating