CVE-2021-21083
Last modified
CVE-2021-21083 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service in the context of the current user.. EPSS estimates a 1.98% chance of exploitation in the next 30 days.
Description
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service in the context of the current user.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Experience Manager | <= 6.3.3.8 |
| Adobe | Experience Manager | >= 6.4.0.0, < 6.4.8.4 |
| Adobe | Experience Manager | >= 6.5.0.0, < 6.5.8.0 |
| Adobe | Experience Manager Cloud Service | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-21083?
How severe is CVE-2021-21083?
How do I fix CVE-2021-21083?
Are you affected by CVE-2021-21083?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST