VDB

CVE-2025-54249

CVE-2025-54249 PUBLISHED CVSS 6.5 MEDIUM

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.

EPSS 5.60% · 90.5th percentile

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
5.60%
90.5th percentile

Affected Products

VendorProductVersions
adobeexperience_manager0, 6.5, 6.5
AdobeAdobe Experience Manager0

Timeline

  • Jan 21, 1970 CrowdSec Sighting
  • Jun 10, 2021 CrowdSec Sighting
  • Mar 8, 2022 CrowdSec Sighting
  • Nov 18, 2022 CrowdSec Sighting
  • Dec 9, 2022 CrowdSec Sighting
  • Dec 11, 2022 CrowdSec Sighting
  • Dec 11, 2022 CrowdSec Sighting
  • Dec 16, 2022 CrowdSec Sighting
  • Dec 16, 2022 CrowdSec Sighting
  • Dec 19, 2022 CrowdSec Sighting
  • Dec 27, 2022 CrowdSec Sighting
  • Dec 28, 2022 CrowdSec Sighting
Open in Interactive Console →
$ Console Community · 100/wk Open console ›