VDB
CVE-2025-54249
CVE-2025-54249
PUBLISHED
CVSS 6.5 MEDIUM
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.
EPSS 5.60% · 90.5th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
5.60%
90.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| adobe | experience_manager | 0, 6.5, 6.5 |
| Adobe | Adobe Experience Manager | 0 |
Timeline
- Jan 21, 1970 CrowdSec Sighting
- Jun 10, 2021 CrowdSec Sighting
- Mar 8, 2022 CrowdSec Sighting
- Nov 18, 2022 CrowdSec Sighting
- Dec 9, 2022 CrowdSec Sighting
- Dec 11, 2022 CrowdSec Sighting
- Dec 11, 2022 CrowdSec Sighting
- Dec 16, 2022 CrowdSec Sighting
- Dec 16, 2022 CrowdSec Sighting
- Dec 19, 2022 CrowdSec Sighting
- Dec 27, 2022 CrowdSec Sighting
- Dec 28, 2022 CrowdSec Sighting