{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T22:13:18.701","vulnerabilities":[{"cve":{"id":"CVE-2025-46840","sourceIdentifier":"psirt@adobe.com","published":"2025-06-10T23:15:24.350","lastModified":"2025-06-13T13:04:39.607","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high."},{"lang":"es","value":"Las versiones 6.5.22 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de autorización incorrecta que podría provocar una escalada de privilegios. Un atacante con pocos privilegios podría aprovechar esta vulnerabilidad para eludir las medidas de seguridad y obtener acceso no autorizado. Para explotar este problema se requiere la interacción del usuario. Un atacante con éxito puede abusar de esta vulnerabilidad para tomar el control de la sesión, lo que aumenta el impacto en la confidencialidad y la integridad."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*","versionEndExcluding":"6.5.23.0","matchCriteriaId":"15DC0724-7B85-4EC8-B9E6-76DA0F26F6D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*","versionEndExcluding":"2025.5.0","matchCriteriaId":"8A395D75-088D-41C2-BCE6-30CB049798FE"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}}]}