Adobe Security Bulletin

Security updates available for Adobe Experience Manager | APSB20-08

Bulletin ID

Date Published

Priority

APSB20-08

February 11, 2020

2

Summary

Adobe has released security hotfixes for Adobe Experience Manager (AEM). These hotfixes resolve a vulnerability in AEM versions 6.5 and 6.4 rated Important.  Successful exploitation could result in a denial-of-service condition.  

Affected product versions

Product

Version

Platform

Adobe Experience Manager

6.5

6.4

All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product

Version

Platform

Priority

Availability

 

Adobe Experience Manager

6.5

All

2

AEM-6.5.4.0 (Package Share)

AEM-6.5.4.0 (Software Distribution)

cq-6.5.0-hotfix-31870 (Package Share)

6.5.0-hotfix-31870-1.2 (Software Distribution)

6.4

All

2

AEM-6.4.8.0 (Package Share)

AEM-6.4.8.0 (Software Distribution)

cq-6.4.0-hotfix-31868 (Package Share)

6.4.0-hotfix-31868-1.2 (Software Distribution)

Note:

The 6.5 hotfix should be installed on AEM 6.5.3.0

The 6.4 hotfix should be installed on AEM 6.4.7.0

Note:

See here for more information on the new Software Distribution interface.

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVE Number 

Affected Versions

Uncontrolled Resource Consumption

Denial-of-service

Important

CVE-2020-3741

AEM 6.4

AEM 6.5

Note:

AEM versions 6.3 and below are not impacted by this issue.  

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online