New potential security vulnerability

Question

We received this email about a potential security vulnerability if AEM is misconfigured, however there is no further information around the specifics of the vulnerability for us to share with our internal teams and our clients. Can you expound on the issue so we can communicate this to our partners? It was recommended by SPPHelp to post in this forum.

Original email:

Security Alert:
It was recently brought to Adobe's attention by a security researcher that a customer misconfiguration during the implementation process could create a security vulnerability in Adobe Experience Manager (AEM). For information on how to configure the software during your implementation to avoid this and other potential issues, please refer to the AEM Security Checklist.
http://docs.adobe.com/docs/en/aem/6-1/administer/security/security-checklist.html

smacdonald2008 · Accepted Answer

I sent this to the security team. They pointed to this document:

. The AEM 6.1 version of the security checklist can be located here :http://docs.adobe.com/docs/en/aem/6-1/administer/security/security-checklist.html and on AEM6, the security health check report is available under /libs/granite/operations/content/healthreports.html

Feel free to post additional questions and I will send to the security team.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded