Security For Everyone

AEM - Adobe Experience Manager UserInfo Servlet Scanner

If UserInfoServlet is exposed, it allows to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node.

Short Info

Level

Medium

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

2 months 27 days

Scan only one

URL

Toolbox

-

AEM - Adobe Experience Manager is an enterprise-grade CMS. AEM is widely used by high-profile companies. AEM is big and complex. AEM also has 26 known CVEs. Misconfigured AEM applications can cause many critical vulnerabilities.

Get started to protecting your Free Full Security Scan

Start trial See the plans