Security updates available for Adobe Experience Manager | APSB17-26
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product | Version | Platform | Priority | Availability |
Adobe Experience Manager |
6.3 |
All | 2 | Release note |
6.2 | All | 2 | Release note |
|
6.1 | All | 2 | Release note |
|
6.0 | All | 2 | Release note |
Please contact Adobe customer care for assistance with earlier AEM versions.
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers | Affected Version | Download Package |
Disclosure of product version number |
Information disclosure |
Moderate |
CVE-2017-3107 |
AEM 6.3 and earlier |
Cumulative Fix Pack for 6.1 SP2 - AEM-6.1-SP2-CFP9 |
Insufficient file type validation during file upload |
Arbitrary code execution attacks |
Important | CVE-2017-3108 |
AEM 6.2 and earlier | Hotfix 16617 for 6.0.0 version 1.2 Cumulative Fix Pack for 6.1 SP2 - AEM-6.1-SP2-CFP3 Cumulative Fix Pack for 6.2 SP1 - AEM-6.2-SP1-CFP4 |
Internal Information Disclosure in Output | Information disclosure | Moderate | CVE-2017-3110 | AEM 6.1 and earlier |
Cumulative Fix Pack for 6.1 SP2 - AEM-6.1-SP2-CFP10
|