Unrestricted SWF File Upload Vulnerability in Adobe Connect
CVE-2018-4921

6.1MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Connect 9.7 And Earlier
Vendor
CVE Published:
19 May 2018

Summary

Adobe Connect versions 9.7 and earlier are vulnerable to an unrestricted SWF file upload issue, enabling potential attackers to exploit the flaw. This security weakness can facilitate unauthorized access to sensitive information hosted on the platform, leading to possible information disclosure. It is crucial for users to apply necessary updates and patches to safeguard against this vulnerability.

Affected Version(s)

Adobe Connect 9.7 and earlier Adobe Connect 9.7 and earlier

References

http://www.securitytracker.com/id/1040523
vdb-entryx_refsource_SECTRACK
https://helpx.adobe.com/security/products/connect/apsb18-...
x_refsource_MISC
http://www.securityfocus.com/bid/103393
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.