===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3090
     APSB20-56 Security update available for Adobe Experience Manager
                             9 September 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Adobe Experience Manager
Publisher:         Adobe
Operating System:  Mac OS
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Unknown/Unspecified
                   Increased Privileges            -- Unknown/Unspecified
                   Cross-site Scripting            -- Unknown/Unspecified
                   Access Confidential Data        -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-9743 CVE-2020-9742 CVE-2020-9741
                   CVE-2020-9740 CVE-2020-9738 CVE-2020-9737
                   CVE-2020-9736 CVE-2020-9735 CVE-2020-9734
                   CVE-2020-9733 CVE-2020-9732 

Original Bulletin: 
   https://helpx.adobe.com/security/products/experience-manager/apsb20-56.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Security updates available for Adobe Experience Manager | APSB20-56
+-----------------------+-----------------------------------+-----------------+
|Bulletin ID            |Date Published                     |Priority         |
+-----------------------+-----------------------------------+-----------------+
|APSB20-56              |September 8, 2020                  |2                |
+-----------------------+-----------------------------------+-----------------+

Summary

Adobe has released updates for Adobe Experience Manager (AEM) and the AEM Forms
add-on package. These updates resolve vulnerabilities rated Critical and
Important. Successful exploitation of these vulnerabilities could result in
arbitrary JavaScript execution in the browser.

Affected product versions

+------------------------------+-------------------------------------+--------+
|           Product            |               Version               |Platform|
+------------------------------+-------------------------------------+--------+
|                              |6.5.5.0 and earlier versions         |All     |
|                              +-------------------------------------+--------+
|                              |6.4.8.1 and earlier versions         |All     |
|Adobe Experience Manager      +-------------------------------------+--------+
|                              |6.3.3.8 and earlier versions         |All     |
|                              +-------------------------------------+--------+
|                              |6.2 SP1-CFP20 and earlier versions   |All     |
+------------------------------+-------------------------------------+--------+
|AEM Forms add-on              |AEM Forms Service Pack 5 and earlier |All     |
|                              |versions                             |        |
+------------------------------+-------------------------------------+--------+

Solution

Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:

+------------------+--------------+----------+--------+-----------------------+
|Product           |Version       |Platform  |Priority|Availability           |
+------------------+--------------+----------+--------+-----------------------+
|Adobe Experience  |6.5.6.0       |All       |2       |AEM 6.5 Service Pack   |
|Manager (AEM)     |              |          |        |Release Notes          |
|                  +--------------+----------+--------+-----------------------+
|                  |6.4.8.2       |All       |2       |AEM 6.4 Cumulative Fix |
|                  |              |          |        |Pack Release Notes     |
+------------------+--------------+----------+--------+-----------------------+
|AEM Forms add-on  |AEM Forms     |All       |2       |AEM Forms Releases     |
|                  |Service Pack 6|          |        |                       |
+------------------+--------------+----------+--------+-----------------------+

Note:

Adobe Experience Manager 6.5.6.0 is an important update that includes new
features, key customer-requested enhancements, and performance, stability, and
security improvements released since the general availability of the 6.5
release in April 2019. It can be installed on top of Adobe Experience Manager
6.5.

Note:

AEM Cumulative Fix Pack 6.4.8.2 is an important update that includes several
internal and customer fixes since the general availability of AEM 6.4 Service
Pack 8 (6.4.8.0) in March 2020. AEM Cumulative Fix Pack 6.4.8.2 is dependent on
AEM 6.4 Service Pack 8. Therefore, you must install the AEM Cumulative Fix Pack
6.4.8.2 package after installing AEM 6.4 Service Pack 8.

Note:

Please contact Adobe customer care for assistance with AEM versions 6.3 and
6.2.
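As an added example (not code from Adobe or AusCERT), the following Python helper maps an installed AEM version string onto the affected ranges and listed updates in this bulletin, so an inventory of instances can be triaged against APSB20-56. The accepted version-string formats, including the "6.2 SP1-CFP20" service-pack form, are an assumption about how such versions are recorded.

```python
import re

# Affected-up-to version and the update this bulletin lists, per AEM 6.x line.
# Values are taken from the bulletin's "Affected product versions" and
# "Solution" tables; the 6.2 line is handled separately below.
AFFECTED = {
    "6.5": ((6, 5, 5, 0), "update to 6.5.6.0"),
    "6.4": ((6, 4, 8, 1), "install 6.4 Service Pack 8, then Cumulative Fix Pack 6.4.8.2"),
    "6.3": ((6, 3, 3, 8), "contact Adobe customer care"),
}

# Accepts "6.5", "6.4.8.1" or the service-pack form "6.2 SP1-CFP20" (assumed format).
_VERSION_RE = re.compile(
    r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:\s+SP(\d+)-CFP(\d+))?"
)


def parse_version(text):
    """Return (line, comparable tuple) for an AEM version string."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised AEM version: {text!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    line = f"{major}.{minor}"
    if m.group(5):
        # Service pack / cumulative fix pack numbering, e.g. 6.2 SP1-CFP20
        return line, (major, minor, int(m.group(5)), int(m.group(6)))
    return line, (major, minor, int(m.group(3) or 0), int(m.group(4) or 0))


def assess(text):
    """Classify one AEM instance: (status, action) against APSB20-56."""
    line, ver = parse_version(text)
    if line == "6.2":
        # Bulletin: 6.2 SP1-CFP20 and earlier are affected; no fix pack listed.
        if ver <= (6, 2, 1, 20):
            return "affected", "contact Adobe customer care"
        return "not listed", None
    if line in AFFECTED:
        ceiling, action = AFFECTED[line]
        if ver <= ceiling:
            return "affected", action
        return "patched", None
    # Lines the bulletin does not mention are reported, not guessed at.
    return "not listed", None


def assess_forms(service_pack):
    """AEM Forms add-on: Service Pack 5 and earlier are affected; SP6 fixes."""
    if service_pack <= 5:
        return "affected", "install AEM Forms Service Pack 6"
    return "patched", None


if __name__ == "__main__":
    # Constructed inventory, not data from the bulletin.
    for v in ["6.5.5.0", "6.5.6.0", "6.4.8.1", "6.2 SP1-CFP20", "6.2 SP1-CFP21"]:
        print(v, "->", assess(v))
```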

Vulnerability details

+-----------------+--------------------+---------+--------------+-------------+
|Vulnerability    |Vulnerability Impact|Severity |CVE Number    |Affected     |
|Category         |                    |         |              |Versions     |
|                 |                    |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|         |              |AEM Forms SP5|
|scripting        |execution in the    |Critical |CVE-2020-9732 |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|Execution with   |Sensitive           |         |              |and earlier  |
|Unnecessary      |Information         |Important|CVE-2020-9733 |             |
|Privileges       |Disclosure          |         |              |AEM 6.4.8.1  |
|                 |                    |         |              |and earlier  |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|         |              |AEM Forms SP5|
|scripting        |execution in the    |Critical |CVE-2020-9734 |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|Cross-site       |Arbitrary JavaScript|         |              |and earlier  |
|scripting        |execution in the    |Important|CVE-2020-9735 |             |
|(stored)         |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|Cross-site       |Arbitrary JavaScript|         |              |and earlier  |
|scripting        |execution in the    |Important|CVE-2020-9736 |             |
|(stored)         |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|Cross-site       |Arbitrary JavaScript|         |              |and earlier  |
|scripting        |execution in the    |Important|CVE-2020-9737 |             |
|(stored)         |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |CVE-2020-9738 |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|Cross-site       |Arbitrary JavaScript|         |              |and earlier  |
|scripting        |execution in the    |Important|              |             |
|(stored)         |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|Cross-site       |Arbitrary JavaScript|         |              |and earlier  |
|scripting        |execution in the    |Critical |CVE-2020-9740 |             |
|(stored)         |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+
|Cross-site       |Arbitrary JavaScript|         |              |AEM Forms SP5|
|scripting        |execution in the    |Critical |CVE-2020-9741 |and earlier  |
|(stored)         |browser             |         |              |             |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|Cross-site       |Arbitrary JavaScript|         |              |             |
|scripting        |execution in the    |Critical |CVE-2020-9742 |AEM 6.4.8.1  |
|(reflected)      |browser             |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
+-----------------+--------------------+---------+--------------+-------------+
|                 |                    |         |              |AEM 6.5.5.0  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.4.8.1  |
|                 |Arbitrary HTML      |         |              |and earlier  |
|HTML injection   |injection in the    |Important|CVE-2020-9743 |             |
|                 |browser             |         |              |AEM 6.3.3.8  |
|                 |                    |         |              |and earlier  |
|                 |                    |         |              |             |
|                 |                    |         |              |AEM 6.2      |
|                 |                    |         |              |SP1-CFP20 and|
|                 |                    |         |              |earlier      |
+-----------------+--------------------+---------+--------------+-------------+

Updates to dependencies

+---------------------+---------------------------------+---------------------+
|Dependency           |Vulnerability Impact             |Affected Versions    |
+---------------------+---------------------------------+---------------------+
|                     |                                 |AEM 6.5.5.0 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |Arbitrary JavaScript execution in|earlier              |
|Handlebars.js        |the browser                      |                     |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|                     |                                 |AEM 6.5.5.0 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.4.8.1 and      |
|Lodash.js (removed   |                                 |earlier              |
|from AEM)            |Prototype pollution              |                     |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|                     |                                 |AEM 6.5.5.0 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |                                 |earlier              |
|Log4j                |Deserialization of untrusted data|                     |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+
|                     |                                 |AEM 6.5.5.0 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.4.8.1 and      |
|                     |XXE (XML eXternal Entity)        |earlier              |
|Dom4j                |injection                        |                     |
|                     |                                 |AEM 6.3.3.8 and      |
|                     |                                 |earlier              |
|                     |                                 |                     |
|                     |                                 |AEM 6.2 SP1-CFP20 and|
|                     |                                 |earlier              |
+---------------------+---------------------------------+---------------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================