Bulletin ID
Last updated on
Security updates available for Adobe Experience Manager Forms | APSB23-77
|
|
Date Published |
Priority |
|---|---|---|
|
APSB23-77 |
December 15, 2023 |
1 |
Summary
Adobe has released security updates for AEM Forms on JEE versions 6.5.19.0 and earlier. This dependency update resolves a critical vulnerability that could lead to arbitrary code execution.
Affected product versions
| Product | Version | Platform |
|---|---|---|
| Adobe Experience Manager (AEM) Forms on JEE |
6.5.19.0 and earlier |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
| Adobe Experience Manager (AEM) Forms on JEE |
6.5.19.1 |
All | 1 | AEM 6.5 Service Pack Release Notes |
| 6.5.13.0 - 6.5.18.0 | All |
1 |
Update Instructions |
Note:
Please contact Adobe customer care for assistance with AEM versions 6.4, 6.3 and 6.2.
Updates to Dependencies
| CVE | Dependency |
Vulnerability Impact |
Affected Versions |
| CVE-2023-50164 |
Apache Struts |
Arbitrary code execution |
AEM 6.5.19.0 and earlier |
For more information, please see: https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.