Improper Access Control Vulnerability in AEM Cloud Service and Earlier Versions

Improper Access Control Vulnerability in AEM Cloud Service and Earlier Versions

CVE-2021-21083 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service in the context of the current user.

Learn more about our Cloud Audit.