Adobe Security Bulletin

Last updated on

Security updates available for Adobe Experience Manager | APSB20-08

Bulletin ID	Date Published	Priority
APSB20-08	February 11, 2020	2

Summary

Adobe has released security hotfixes for Adobe Experience Manager (AEM). These hotfixes resolve a vulnerability in AEM versions 6.5 and 6.4 rated Important. Successful exploitation could result in a denial-of-service condition.

Affected product versions

Product	Version	Platform
Adobe Experience Manager	6.5 6.4	All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product	Version	Platform	Priority	Availability
Adobe Experience Manager	6.5	All	2	AEM-6.5.4.0 (Package Share) AEM-6.5.4.0 (Software Distribution) cq-6.5.0-hotfix-31870 (Package Share) 6.5.0-hotfix-31870-1.2 (Software Distribution)
6.4	All	2	AEM-6.4.8.0 (Package Share) AEM-6.4.8.0 (Software Distribution) cq-6.4.0-hotfix-31868 (Package Share) 6.4.0-hotfix-31868-1.2 (Software Distribution)

Product

Version

Platform

Priority

Availability

Adobe Experience Manager

6.5

All

AEM-6.5.4.0 (Package Share)

AEM-6.5.4.0 (Software Distribution)

cq-6.5.0-hotfix-31870 (Package Share)

6.5.0-hotfix-31870-1.2 (Software Distribution)

6.4

All

AEM-6.4.8.0 (Package Share)

AEM-6.4.8.0 (Software Distribution)

cq-6.4.0-hotfix-31868 (Package Share)

6.4.0-hotfix-31868-1.2 (Software Distribution)

Note:

The 6.5 hotfix should be installed on AEM 6.5.3.0

The 6.4 hotfix should be installed on AEM 6.4.7.0

Note:

See here for more information on the new Software Distribution interface.

Vulnerability details

Vulnerability Category	Vulnerability Impact	Severity	CVE Number	Affected Versions
Uncontrolled Resource Consumption	Denial-of-service	Important	CVE-2020-3741	AEM 6.4 AEM 6.5

Note:

AEM versions 6.3 and below are not impacted by this issue.

Adobe Security Bulletin

Summary

Affected product versions

Solution

Vulnerability details

Ask the Community

Contact Us