Expand my Community achievements bar.

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

New potential security vulnerability

Avatar

Level 1
Level 1
10/15/15 7:28:25 PM

We received this email about a potential security vulnerability if AEM is misconfigured, however there is no further information around the specifics of the vulnerability for us to share with our internal teams and our clients. Can you expound on the issue so we can communicate this to our partners? It was recommended by SPPHelp to post in this forum.

Original email:

Security Alert:
It was recently brought to Adobe's attention by a security researcher that a customer misconfiguration during the implementation process could create a security vulnerability in Adobe Experience Manager (AEM). For information on how to configure the software during your implementation to avoid this and other potential issues, please refer to the AEM Security Checklist.
http://docs.adobe.com/docs/en/aem/6-1/administer/security/security-checklist.html

Views

532

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 10
Level 10
10/15/15 7:28:25 PM

I sent this to the security team. They pointed to this document:

. The AEM 6.1 version of the security checklist can be located here :http://docs.adobe.com/docs/en/aem/6-1/administer/security/security-checklist.html and on AEM6, the security health check report is available under /libs/granite/operations/content/healthreports.html

Feel free to post additional questions and I will send to the security team. 

View solution in original post

Views

494

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Level 10
Level 10
10/15/15 7:28:25 PM

I sent this to the security team. They pointed to this document:

. The AEM 6.1 version of the security checklist can be located here :http://docs.adobe.com/docs/en/aem/6-1/administer/security/security-checklist.html and on AEM6, the security health check report is available under /libs/granite/operations/content/healthreports.html

Feel free to post additional questions and I will send to the security team. 

Views

495

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Issue with spring vulnerabilities in AEM Solved

Views

150

Likes

0

Replies

3
Fields disabled in old Content Fragment Editor are editable in new editor – need way to disable them Solved

Views

270

Likes

0

Replies

4
AEM ClientLib Loading Issue: clientlib Not Loading During New Page Creation Solved

Views

350

Likes

0

Replies

4
How can we show only gated (Secure) Content for End User ? Solved

Views

247

Likes

0

Replies

2
Create DAM Language Copy / Workflow Not working for new projects

Views

188

Likes

0

Replies

3