-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3090
      APSB20-56 Security update available for Adobe Experience Manager
                              9 September 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Adobe Experience Manager
Publisher:         Adobe
Operating System:  Mac OS
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Unknown/Unspecified
                   Increased Privileges            -- Unknown/Unspecified
                   Cross-site Scripting            -- Unknown/Unspecified
                   Access Confidential Data        -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-9743 CVE-2020-9742 CVE-2020-9741 CVE-2020-9740
                   CVE-2020-9738 CVE-2020-9737 CVE-2020-9736 CVE-2020-9735
                   CVE-2020-9734 CVE-2020-9733 CVE-2020-9732

Original Bulletin:
   https://helpx.adobe.com/security/products/experience-manager/apsb20-56.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Security updates available for Adobe Experience Manager | APSB20-56

+-----------------------+-----------------------------------+-----------------+
|Bulletin ID            |Date Published                     |Priority         |
+-----------------------+-----------------------------------+-----------------+
|APSB20-56              |September 8, 2020                  |2                |
+-----------------------+-----------------------------------+-----------------+

Summary

Adobe has released updates for Adobe Experience Manager (AEM) and the AEM
Forms add-on package. These updates resolve vulnerabilities rated Critical and
Important. Successful exploitation of these vulnerabilities could result in
arbitrary JavaScript execution in the browser; the per-CVE table below also
lists HTML injection and sensitive information disclosure as impacts.
Affected product versions

+------------------------------+-------------------------------------+--------+
| Product                      | Version                             |Platform|
+------------------------------+-------------------------------------+--------+
|                              |6.5.5.0 and earlier versions         |All     |
|                              +-------------------------------------+--------+
|                              |6.4.8.1 and earlier versions         |All     |
|Adobe Experience Manager      +-------------------------------------+--------+
|                              |6.3.3.8 and earlier versions         |All     |
|                              +-------------------------------------+--------+
|                              |6.2 SP1-CFP20 and earlier versions   |All     |
+------------------------------+-------------------------------------+--------+
|AEM Forms add-on              |AEM Forms Service Pack 5 and earlier |All     |
|                              |versions                             |        |
+------------------------------+-------------------------------------+--------+

Solution

Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:

+------------------+--------------+----------+--------+-----------------------+
|Product           |Version       |Platform  |Priority|Availability           |
+------------------+--------------+----------+--------+-----------------------+
|Adobe Experience  |6.5.6.0       |All       |2       |AEM 6.5 Service Pack   |
|Manager (AEM)     |              |          |        |Release Notes          |
|                  +--------------+----------+--------+-----------------------+
|                  |6.4.8.2       |All       |2       |AEM 6.4 Cumulative Fix |
|                  |              |          |        |Pack Release Notes     |
+------------------+--------------+----------+--------+-----------------------+
|AEM Forms add-on  |AEM Forms     |All       |2       |AEM Forms Releases     |
|                  |Service Pack 6|          |        |                       |
+------------------+--------------+----------+--------+-----------------------+

Note: Adobe Experience Manager 6.5.6.0 is an important update that includes
new features, key customer-requested enhancements, and performance, stability,
and security improvements released since the general availability of the 6.5
release in April 2019. It can be installed on top of Adobe Experience Manager
6.5.
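The following script is an added example for this bulletin; it is not Adobe's or AusCERT's code. It turns the "Affected product versions" and "Solution" tables above, the Cumulative Fix Pack dependency and the 6.3/6.2 note that follow, and the per-CVE "Vulnerability details" table into a check that says, for a given AEM or AEM Forms build, whether it is affected, which CVEs the bulletin lists for that branch, and what to install (including the 6.4.8.0 prerequisite for 6.4.8.2). All version numbers and the CVE-to-branch mapping are transcribed from the bulletin; the function names, the dotted-numeric version format, and the decision to identify the 6.2 line by major.minor only (the bulletin names 6.2 builds as "SP1-CFP20", not as a dotted number) are this example's own assumptions.

```python
"""Assess an AEM / AEM Forms install against Adobe APSB20-56.

Added example, not Adobe's or AusCERT's code. Every version number, CVE id
and branch-to-CVE mapping below is transcribed from the bulletin's tables.
Assumed by this example: AEM builds are identified by a dotted numeric
version ("6.5.5.0"; "6.4" means 6.4.0.0), and the 6.2 line is identified by
its major.minor only, since the bulletin names 6.2 builds as "SP1-CFP20".
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Ver = Tuple[int, ...]


def parse_version(text: str) -> Ver:
    """'6.5.5.0' -> (6, 5, 5, 0); shorter strings are right-padded with zeros."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected AEM version format: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))


def fmt(v: Ver) -> str:
    return ".".join(str(n) for n in v)


@dataclass(frozen=True)
class Branch:
    affected_through: Optional[Ver]  # last affected build; None = not numerically listed
    fixed: Optional[Ver]             # build that resolves the bulletin, if one is published
    requires: Optional[Ver] = None   # build that must already be installed first


# "Affected product versions" and "Solution" tables. 6.3 and 6.2 have no
# downloadable fix in this bulletin ("contact Adobe customer care").
BRANCHES: Dict[Tuple[int, int], Branch] = {
    (6, 5): Branch((6, 5, 5, 0), (6, 5, 6, 0)),
    (6, 4): Branch((6, 4, 8, 1), (6, 4, 8, 2), requires=(6, 4, 8, 0)),  # CFP 6.4.8.2 needs SP8
    (6, 3): Branch((6, 3, 3, 8), None),
    (6, 2): Branch(None, None),  # "6.2 SP1-CFP20 and earlier"
}

# "Vulnerability details" table: CVE -> (severity, products it is listed for).
# "forms" is the AEM Forms add-on, Service Pack 5 and earlier.
ALL_AEM = ((6, 5), (6, 4), (6, 3), (6, 2))
CVES: Dict[str, Tuple[str, tuple]] = {
    "CVE-2020-9732": ("Critical", ("forms",)),                # stored XSS
    "CVE-2020-9733": ("Important", ((6, 5), (6, 4))),         # execution with unnecessary privileges
    "CVE-2020-9734": ("Critical", ("forms",)),                # stored XSS
    "CVE-2020-9735": ("Important", ALL_AEM),                  # stored XSS
    "CVE-2020-9736": ("Important", ALL_AEM),                  # stored XSS
    "CVE-2020-9737": ("Important", ALL_AEM),                  # stored XSS
    "CVE-2020-9738": ("Important", ALL_AEM),                  # stored XSS
    "CVE-2020-9740": ("Critical", ALL_AEM),                   # stored XSS
    "CVE-2020-9741": ("Critical", ("forms",)),                # stored XSS
    "CVE-2020-9742": ("Critical", ((6, 5), (6, 4), (6, 3))),  # reflected XSS; 6.2 not listed
    "CVE-2020-9743": ("Important", ALL_AEM),                  # HTML injection
}


@dataclass
class Assessment:
    affected: bool
    action: str
    cves: List[str] = field(default_factory=list)  # Critical first, then by id


def cves_for(product) -> List[str]:
    ids = [c for c, (_, listed) in CVES.items() if product in listed]
    return sorted(ids, key=lambda c: (CVES[c][0] != "Critical", c))


def assess_aem(version: str) -> Assessment:
    v = parse_version(version)
    branch = v[:2]
    info = BRANCHES.get(branch)
    if info is None:
        return Assessment(False, f"AEM {version} is not a branch this bulletin lists")
    cves = cves_for(branch)
    if info.affected_through is None:  # 6.2: not comparable numerically
        return Assessment(True, "6.2 is listed through SP1-CFP20 with no downloadable "
                                "fix; contact Adobe customer care", cves)
    if v > info.affected_through:
        return Assessment(False, f"AEM {version} is newer than the last affected "
                                 f"build {fmt(info.affected_through)}")
    if info.fixed is None:
        return Assessment(True, "no fix published in this bulletin; contact Adobe "
                                "customer care", cves)
    if info.requires is not None and v < info.requires:
        return Assessment(True, f"install {fmt(info.requires)} first, then "
                                f"{fmt(info.fixed)}", cves)
    return Assessment(True, f"install {fmt(info.fixed)}", cves)


def assess_forms(service_pack: int) -> Assessment:
    if service_pack <= 5:
        return Assessment(True, "install AEM Forms Service Pack 6", cves_for("forms"))
    return Assessment(False, f"AEM Forms SP{service_pack} is newer than the affected "
                             "SP5 and earlier")


if __name__ == "__main__":
    for ver in ("6.5.5.0", "6.5.6.0", "6.4.7.0", "6.4.8.1", "6.3.3.8", "6.2"):
        a = assess_aem(ver)
        print(f"AEM {ver}: affected={a.affected}; {a.action}; {', '.join(a.cves)}")
    f = assess_forms(5)
    print(f"AEM Forms SP5: affected={f.affected}; {f.action}; {', '.join(f.cves)}")
```

Two points the tables alone do not make obvious are encoded here: a 6.4 install below 6.4.8.0 cannot go straight to the Cumulative Fix Pack, and CVE-2020-9733 (6.5/6.4 only) and CVE-2020-9742 (not listed for 6.2) do not apply uniformly across branches, so the CVE list you report to a vulnerability tracker depends on which branch you run.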
Note: AEM Cumulative Fix Pack 6.4.8.2 is an important update that includes
several internal and customer fixes since the general availability of AEM 6.4
Service Pack 8 (6.4.8.0) in March 2020. AEM Cumulative Fix Pack 6.4.8.2 is
dependent on AEM 6.4 Service Pack 8. Therefore, you must install the AEM
Cumulative Fix Pack 6.4.8.2 package after installing AEM 6.4 Service Pack 8.

Note: Please contact Adobe customer care for assistance with AEM versions 6.3
and 6.2.

Vulnerability details

+-----------------+--------------------+---------+--------------+-------------+
|Vulnerability    |Vulnerability Impact|Severity |CVE Number    |Affected     |
|Category         |                    |         |              |Versions     |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Critical |CVE-2020-9732 |AEM Forms SP5|
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|Execution with   |Sensitive           |Important|CVE-2020-9733 |AEM 6.5.5.0  |
|Unnecessary      |Information         |         |              |and earlier  |
|Privileges       |Disclosure          |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Critical |CVE-2020-9734 |AEM Forms SP5|
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Important|CVE-2020-9735 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Important|CVE-2020-9736 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Important|CVE-2020-9737 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Important|CVE-2020-9738 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Critical |CVE-2020-9740 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Critical |CVE-2020-9741 |AEM Forms SP5|
|scripting        |execution in the    |         |              |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|Critical |CVE-2020-9742 |AEM 6.5.5.0  |
|scripting        |execution in the    |         |              |and earlier  |
|(reflected)      |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
+-----------------+--------------------+---------+--------------+-------------+
|HTML injection   |Arbitrary HTML      |Important|CVE-2020-9743 |AEM 6.5.5.0  |
|                 |injection in the    |         |              |and earlier  |
|                 |browser             |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+

Updates to dependencies

+---------------------+---------------------------------+---------------------+
|Dependency           |Vulnerability Impact             |Affected Versions    |
+---------------------+---------------------------------+---------------------+
|Handlebars.js        |Arbitrary JavaScript execution in|AEM 6.5.5.0 and      |
|                     |the browser                      |earlier              |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|Lodash.js (removed   |Prototype pollution              |AEM 6.5.5.0 and      |
|from AEM)            |                                 |earlier              |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|Log4j                |Deserialization of untrusted data|AEM 6.5.5.0 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|Dom4j                |XXE (XML eXternal Entity)        |AEM 6.5.5.0 and      |
|                     |injection                        |earlier              |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you do
not know who that is, please send an email to auscert@auscert.org.au and we
will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBX1hq/ONLKJtyKPYoAQia/Q//fjVsGFzUv5zSU77oFNyWAk+u21Cq7IRH q43hn4MvZpRuOrK9fzvRv6c3yWlYF6nZA4x2Oh7EdlLTW8HAPoaIuMeaG4rD1jQ5 Gu640PMjbHJuGabamckkoL+C7BoemUqojA6RPDLylm+R1PAPgioxfl3LBLcVBTU5 g7vvDpIcwKX9qYYMGk+iRoomHmfnjPf34y4OxrCQIf20iD2B4udGKrZBUqpfnFDp 6NJpynmbD11NYwqLMlB4kBo+vLRnmkZ8sPCPM5tOtunARLXqR/ds9DJ090l84w/s Jy6ozC8dgcKgfwbDmADj/sohT//MlmSUuS6jukVI8nxQ4gTi7DxZhY/PN9M3/Oq4 TBEhj6suL7rsu3G9FDwMZhAwonG4NB795PLfEDQkPigdBsiKTEPDNFjA2oA2DTMJ TbMMCiEicjQMdOK20HI9OFVqKjNoz3Iwkjo3r2EXwcDURsrNMmDi4xK7Mshh9Amo JW2xMG6pzVVuNM4I304rFSDlurrAv4U/ykhr/39NWjcijr4na3WQCvLI/kc6z+iS B/K/Ib7+tweFtzJs8CVKBpijKpmNfBW1KX5WW0nzM7klgittVfY0HX1WoTTksJj0 n8nmjMtvbgaN8UU9H4le0WqVsjg0E34lVa7mTDT2+t0U9iC3PgQ/gPS/5/BKmv64 JzX+u+1zWzQ= =UMYb -----END PGP SIGNATURE-----