Solved

Dispatcher vulnerability is allowing access to AEM nodes by using special encoding technique

Forum|Forum|2 years ago
June 22, 2023
1 reply
1906 views

One of our security team member was successful in accessing critical AEM nodes by bypassing dispatcher using this special encoding technique that uses ASCII code for the } character (Example: * /.%7D./.%7D./.%7D./.%7D./.%7D./)

To bypass authentication they downloaded an auth certificate using this vulnerability.

We were able to address this by adding few entries in dispatcher filters.

But we are not able to understand why ' } ' worked as valid bypass?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by ManviSharma

Hi,

The specific reason why '}' worked as a valid bypass would require further investigation into the specific vulnerabilities present in your AEM implementation and the encoding technique being used.

However, It could be related to how the application interprets or mishandles special characters in certain contexts.

ManviSharma

Accepted solution

Adobe Employee

Hi,

The specific reason why '}' worked as a valid bypass would require further investigation into the specific vulnerabilities present in your AEM implementation and the encoding technique being used.

However, It could be related to how the application interprets or mishandles special characters in certain contexts.

D

dsrivastava

Level 2

Hi @manvisharma

Is there a fix to circumvent this? This looks like an Adobe OOTB issue and multiple clients are having to figure temporary workarounds to fix this

Devanshi

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded