Vulnerability Description
Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Dispatcher | <= 4.1.4 |
| Adobe | Experience Manager | 5.6.1 |
| Apple | Mac Os X | All versions |
| Linux | Kernel | All versions |
| Microsoft | Windows | All versions |
References
- https://helpx.adobe.com/security/products/experience-manager/apsb16-05.htmlPatchVendor Advisory
- https://helpx.adobe.com/security/products/experience-manager/apsb16-05.htmlPatchVendor Advisory
FAQ
What is CVE-2016-0957?
CVE-2016-0957 is a vulnerability with a CVSS score of 7.5 (HIGH). Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.
How severe is CVE-2016-0957?
CVE-2016-0957 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-0957?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Dispatcher, Adobe Experience Manager, Apple Mac Os X, Linux Kernel, Microsoft Windows.