CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
17.5%
The version of Adobe Experience Manager installed on the remote host is prior to 6.5.20.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-05 advisory.
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. (CVE-2024-20760, CVE-2024-20768, CVE-2024-20799, CVE-2024-26028, CVE-2024-26030, CVE-2024-26031, CVE-2024-26033, CVE-2024-26034, CVE-2024-26035, CVE-2024-26038, CVE-2024-26040, CVE-2024-26041, CVE-2024-26043, CVE-2024-26045, CVE-2024-26050, CVE-2024-26051, CVE-2024-26052, CVE-2024-26056, CVE-2024-26059, CVE-2024-26061, CVE-2024-26062, CVE-2024-26065, CVE-2024-26067, CVE-2024-26069, CVE-2024-26073, CVE-2024-26094, CVE-2024-26096, CVE-2024-26120, CVE-2024-26124, CVE-2024-26125)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim’s browser. Exploitation of this issue requires user interaction. (CVE-2024-26032)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim’s browser. (CVE-2024-26042)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage.
Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim’s browser.
(CVE-2024-26044)
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exploitation of this issue does not require user interaction. (CVE-2024-26063)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage.
Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim’s browser.
Exploitation of this issue requires user interaction. (CVE-2024-26064)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. (CVE-2024-26080)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.
(CVE-2024-26102, CVE-2024-26103, CVE-2024-26104, CVE-2024-26105, CVE-2024-26106, CVE-2024-26107, CVE-2024-26118)
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. (CVE-2024-26119)
Improper Input Validation (CWE-20) potentially leading to Security feature bypass (CVE-2024-26126, CVE-2024-26127)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(191909);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/14");
script_cve_id(
"CVE-2024-20760",
"CVE-2024-20768",
"CVE-2024-20799",
"CVE-2024-20800",
"CVE-2024-26028",
"CVE-2024-26030",
"CVE-2024-26031",
"CVE-2024-26032",
"CVE-2024-26033",
"CVE-2024-26034",
"CVE-2024-26035",
"CVE-2024-26038",
"CVE-2024-26040",
"CVE-2024-26041",
"CVE-2024-26042",
"CVE-2024-26043",
"CVE-2024-26044",
"CVE-2024-26045",
"CVE-2024-26050",
"CVE-2024-26051",
"CVE-2024-26052",
"CVE-2024-26056",
"CVE-2024-26059",
"CVE-2024-26061",
"CVE-2024-26062",
"CVE-2024-26063",
"CVE-2024-26064",
"CVE-2024-26065",
"CVE-2024-26067",
"CVE-2024-26069",
"CVE-2024-26073",
"CVE-2024-26080",
"CVE-2024-26094",
"CVE-2024-26096",
"CVE-2024-26102",
"CVE-2024-26103",
"CVE-2024-26104",
"CVE-2024-26105",
"CVE-2024-26106",
"CVE-2024-26107",
"CVE-2024-26118",
"CVE-2024-26119",
"CVE-2024-26120",
"CVE-2024-26124",
"CVE-2024-26125",
"CVE-2024-26126",
"CVE-2024-26127"
);
script_xref(name:"IAVA", value:"2024-A-0158-S");
script_xref(name:"IAVA", value:"2024-A-0349");
script_name(english:"Adobe Experience Manager 6.5.0.0 < 6.5.20.0 Multiple Vulnerabilities (APSB24-05)");
script_set_attribute(attribute:"synopsis", value:
"The Adobe Experience Manager instance installed on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Adobe Experience Manager installed on the remote host is prior to 6.5.20.0. It is, therefore, affected by
multiple vulnerabilities as referenced in the APSB24-05 advisory.
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS)
vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the
vulnerable field. (CVE-2024-20760, CVE-2024-20768, CVE-2024-20799, CVE-2024-26028, CVE-2024-26030,
CVE-2024-26031, CVE-2024-26033, CVE-2024-26034, CVE-2024-26035, CVE-2024-26038, CVE-2024-26040,
CVE-2024-26041, CVE-2024-26043, CVE-2024-26045, CVE-2024-26050, CVE-2024-26051, CVE-2024-26052,
CVE-2024-26056, CVE-2024-26059, CVE-2024-26061, CVE-2024-26062, CVE-2024-26065, CVE-2024-26067,
CVE-2024-26069, CVE-2024-26073, CVE-2024-26094, CVE-2024-26096, CVE-2024-26120, CVE-2024-26124,
CVE-2024-26125)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting
(XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web
pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing
the vulnerable script. This could result in arbitrary code execution in the context of the victim's
browser. Exploitation of this issue requires user interaction. (CVE-2024-26032)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting
(XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web
pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing
the vulnerable script. This could result in arbitrary code execution in the context of the victim's
browser. (CVE-2024-26042)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting
(XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage.
Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the
vulnerable script. This could result in arbitrary code execution in the context of the victim's browser.
(CVE-2024-26044)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability
that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain
unauthorized access to sensitive information, potentially bypassing security measures. Exploitation of
this issue does not require user interaction. (CVE-2024-26063)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting
(XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage.
Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the
vulnerable script. This could result in arbitrary code execution in the context of the victim's browser.
Exploitation of this issue requires user interaction. (CVE-2024-26064)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting
(XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web
pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing
the vulnerable script. (CVE-2024-26080)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting
(XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable
page, malicious JavaScript content may be executed within the context of the victim's browser.
(CVE-2024-26102, CVE-2024-26103, CVE-2024-26104, CVE-2024-26105, CVE-2024-26106, CVE-2024-26107,
CVE-2024-26118)
- Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control
vulnerability that could result in a Security feature bypass. An attacker could leverage this
vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does
not require user interaction. (CVE-2024-26119)
- Improper Input Validation (CWE-20) potentially leading to Security feature bypass (CVE-2024-26126,
CVE-2024-26127)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1fa49f98");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Experience Manager version 6.5.20.0 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-26125");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 200, 284, 79);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/12");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/12");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:experience_manager");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("adobe_experience_manager_http_detect.nbin");
script_require_keys("installed_sw/Adobe Experience Manager");
exit(0);
}
include('vcf.inc');
include('http.inc');
var port = get_http_port(default:4502);
var app_info = vcf::get_app_info(app:'Adobe Experience Manager', port:port);
vcf::check_granularity(app_info:app_info, sig_segments:2);
var constraints = [
{ 'min_version' : '6.5.0.0', 'fixed_version' : '6.5.20.0' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING,
flags:{'xss':TRUE}
);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20768
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26028
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26030
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26031
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26034
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26035
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26041
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26044
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26094
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26127
www.nessus.org/u?1fa49f98
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
17.5%