Improper Authorization Vulnerability in Adobe Experience Manager Cloud Service and 6.5.8.0 (and below) Allows Unauthenticated Attackers to Cause Application Denial-of-Service

Improper Authorization Vulnerability in Adobe Experience Manager Cloud Service and 6.5.8.0 (and below) Allows Unauthenticated Attackers to Cause Application Denial-of-Service

CVE-2021-28626 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by an Improper Authorization vulnerability allowing users to create nodes under a location. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue does not require user interaction.

Learn more about our Cloud Audit.