UI Redress Vulnerability in Adobe Connect by Adobe
CVE-2017-11290

6.1MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Connect 9.6.2 And Earlier Versions
Vendor
CVE Published:
9 December 2017

Summary

A UI Redress (Clickjacking) vulnerability was identified in Adobe Connect versions 9.6.2 and earlier. This flaw enables attackers to trick users into interacting with a transparent interface, potentially leading to unauthorized actions. Adobe has introduced a new protective feature for administrators to mitigate risks associated with clickjacking attacks, enhancing the overall security of the platform.

Affected Version(s)

Adobe Connect 9.6.2 and earlier Adobe Connect 9.6.2 and earlier versions

References

https://helpx.adobe.com/security/products/connect/apsb17-...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039799
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/101838
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.