Adobe Experience Manager < 6.5.23 (GRANITE-61551 Hotfix) / 6.5 LTS SP1 (GRANITE-61551 Hotfix) Multiple Security feature bypass (APSB25-90)

high Nessus Plugin ID 264629

Synopsis

The Adobe Experience Manager instance installed on the remote host is affected by multiple vulnerabilities.

Description

The version of Adobe Experience Manager installed on the remote host is 6.5.23 or earlier. It is, therefore, potentially affected by multiple vulnerabilities as referenced in the APSB25-90 advisory.

- Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access. (CVE-2025-54249)

- Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Scope is changed. (CVE-2025-54248)

- Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. (CVE-2025-54246)

- Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. (CVE-2025-54247)

- Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. (CVE-2025-54250)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

See the vendor advisory (APSB25-90).

See Also

http://www.nessus.org/u?103fc681

Plugin Details

Severity: High

ID: 264629

File Name: adobe_experience_manager_apsb25-90.nasl

Version: 1.1

Type: remote

Agent: windows, macosx, unix

Family: Misc.

Published: 9/12/2025

Updated: 9/12/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2025-54249

CVSS v3

Risk Factor: High

Base Score: 7.7

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2025-54248

Vulnerability Information

CPE: cpe:/a:adobe:experience_manager

Required KB Items: installed_sw/Adobe Experience Manager, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 9/9/2025

Vulnerability Publication Date: 9/9/2025

Reference Information

CVE: CVE-2025-54246, CVE-2025-54247, CVE-2025-54248, CVE-2025-54249, CVE-2025-54250, CVE-2025-54251, CVE-2025-54252

CWE: 20, 79, 863, 91, 918

IAVA: 2025-A-0651