CVE-2017-3108
critical
CVSS v3
9.8
CVSS v2
7.5
VIR risk
9.8
Description
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@adobe.com — https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | experience_manager | {"endIncluding":"6.2"} | |
References
- http://www.securityfocus.com/bid/100195
- http://www.securitytracker.com/id/1039099
- https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html
- http://www.securityfocus.com/bid/100195
- http://www.securitytracker.com/id/1039099
- https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html
CWEs
CWE-434
Verify integrity in audit chain (admin only). AS-IS.