CVE-2016-7885
high
CVSS v3
8.8
CVSS v2
6.8
VIR risk
8.8
Description
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
Predictions
Exploit likelihood
92%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@adobe.com — https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | experience_manager | {"endIncluding":"6.2.0"} | |
References
- http://www.securityfocus.com/bid/94876
- http://www.securitytracker.com/id/1037464
- https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html
- http://www.securityfocus.com/bid/94876
- http://www.securitytracker.com/id/1037464
- https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html
CWEs
CWE-352
Verify integrity in audit chain (admin only). AS-IS.