File Enumeration Vulnerability in Adobe Digital Editions
CVE-2020-3798

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Digital Editions
Vendor: CVE Published:; 26 June 2020

Summary

Adobe Digital Editions versions 4.5.11.187212 and earlier are susceptible to a file enumeration vulnerability that may expose sensitive information on a host or local network. When exploited successfully, this vulnerability allows attackers to gain unauthorized access to files, potentially compromising user data.

Affected Version(s)

Adobe Digital Editions 4.5.11.187212 and below versions

References

https://helpx.adobe.com/security/products/Digital-Edition...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2020
Vulnerability Reserved
Dec 17, 2019