CVE-2020-9643

7.5 HIGH

📋 TL;DR

This CVE describes a server-side request forgery (SSRF) vulnerability in Adobe Experience Manager versions 6.5 and earlier. Attackers can exploit this vulnerability to make the server send unauthorized requests to internal systems, potentially exposing sensitive information. Organizations using affected Adobe Experience Manager versions are at risk.

💻 Affected Systems

Products:
  • Adobe Experience Manager
Versions: 6.5 and earlier versions
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments of affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of internal network resources, data exfiltration from internal systems, and potential lateral movement to other critical infrastructure.

🟠 Likely Case

Unauthorized access to internal services, exposure of sensitive configuration data, and potential credential harvesting from metadata services.

🟢 If Mitigated

Limited to unsuccessful SSRF attempts with proper network segmentation and input validation controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of SSRF techniques and knowledge of internal network targets.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply security updates as specified in APSB20-31

Vendor Advisory: https://helpx.adobe.com/security/products/experience-manager/apsb20-31.html

Restart Required: Yes

Instructions:

1. Review the APSB20-31 advisory.
2. Download the appropriate security updates from Adobe.
3. Apply the patches following Adobe's deployment guidelines.
4. Restart the affected services.
5. Verify that the patch was applied.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Restrict outbound network access from Adobe Experience Manager servers to only the internal services they need.

Input Validation (all platforms)

Implement strict URL validation and whitelisting for all user-supplied URL parameters.

🧯 If You Can't Patch

  • Implement strict network egress filtering to limit what internal resources the server can access
  • Deploy web application firewall (WAF) rules to detect and block SSRF patterns

🔍 How to Verify

Check if Vulnerable:

Check Adobe Experience Manager version against affected versions (6.5 and earlier)

Check Version:

Check AEM version through admin console or system information

Verify Fix Applied:

Verify that security updates from APSB20-31 have been applied and version is no longer vulnerable

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from AEM server
  • Requests to internal IP addresses or metadata services
  • Failed SSRF attempts in application logs

Network Indicators:

  • AEM server making unexpected requests to internal services
  • Traffic to cloud metadata endpoints (169.254.169.254, etc.)

SIEM Query:

source_ip:AEM_server AND (dest_ip:INTERNAL_RANGE OR dest_ip:169.254.169.254)
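The SIEM query above, implemented as an offline triage script over egress logs. This is an added example, not part of the advisory; the log line format, the AEM server address, the approved internal destination and the sample lines are all constructed placeholders.

```python
import ipaddress
import re

# Placeholder addresses: the AEM server(s) and the one internal service the
# server is approved to reach (see the network segmentation workaround).
AEM_SERVERS = {"10.20.30.40"}
APPROVED_INTERNAL = {ipaddress.ip_address("10.0.9.5")}   # e.g. its database host
INTERNAL_RANGES = [ipaddress.ip_network(n) for n in
                   ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
METADATA_ENDPOINT = ipaddress.ip_address("169.254.169.254")

# Constructed egress-log format: "<ts> src=<ip> dst=<ip> method=<M> url=<url>"
LINE_RE = re.compile(r"src=(\S+) dst=(\S+) method=(\S+) url=(\S+)")

def classify(line):
    """Return a reason if the line matches
    source_ip:AEM_server AND (dest_ip:INTERNAL_RANGE OR dest_ip:169.254.169.254),
    otherwise None. Approved internal destinations are not flagged."""
    m = LINE_RE.search(line)
    if not m:
        return None                      # not an egress record we understand
    src, dst, _method, _url = m.groups()
    if src not in AEM_SERVERS:
        return None                      # only AEM-originated traffic is in scope
    try:
        dst_ip = ipaddress.ip_address(dst)
    except ValueError:
        return None                      # hostname rather than IP; skip here
    if dst_ip == METADATA_ENDPOINT:
        return "metadata-endpoint"
    if dst_ip in APPROVED_INTERNAL:
        return None
    if any(dst_ip in net for net in INTERNAL_RANGES):
        return "internal-range"
    return None

def find_suspicious(lines):
    """Pair each flagged log line with the reason it was flagged."""
    return [(line, reason) for line in lines if (reason := classify(line))]

# Constructed sample lines: one external fetch, one metadata-service hit,
# one internal host, one approved internal host, one non-AEM source.
SAMPLE_LOG = [
    "2020-06-16T10:00:01Z src=10.20.30.40 dst=93.184.216.34 method=GET url=http://example.com/feed",
    "2020-06-16T10:00:02Z src=10.20.30.40 dst=169.254.169.254 method=GET url=http://169.254.169.254/",
    "2020-06-16T10:00:03Z src=10.20.30.40 dst=10.0.5.12 method=GET url=http://10.0.5.12:8080/",
    "2020-06-16T10:00:04Z src=10.20.30.40 dst=10.0.9.5 method=GET url=http://10.0.9.5/health",
    "2020-06-16T10:00:05Z src=10.20.30.41 dst=10.0.5.12 method=GET url=http://10.0.5.12/",
]
```

Running `find_suspicious(SAMPLE_LOG)` flags only the metadata-endpoint and unapproved internal-range lines, which is the signal to correlate with AEM application logs for the originating request.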
