Blind Server-Side Request Forgery (SSRF) Vulnerability in AEM Forms SP6 and Forms add-on Package

Blind Server-Side Request Forgery (SSRF) Vulnerability in AEM Forms SP6 and Forms add-on Package

CVE-2020-24444 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems that reside on the same network.

Learn more about our Cis Benchmark Audit For Server Software.