Bulletin ID
Last updated on
May 16, 2021
|
Also applies to Adobe Connect
Security updates available for Adobe Connect | APSB18-18
|
|
Date Published |
Priority |
|---|---|---|
|
APSB18-18 |
May 8, 2018 |
2 |
Summary
An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure.
Affected product versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Connect |
9.7.5 and earlier |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users follow the instructions outlined below:
|
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
|
Adobe Connect |
9.7.5 |
All |
2 |
A mitigation is available to customers by modifying Tomcat filters to control remote access to system configuration files. Please refer to the following help page for more details. An upcoming release of version 9.8.1 will include this change in default deployments.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
|---|---|---|---|
|
Authentication Bypass |
Sensitive Information disclosure |
Important |
CVE-2018-4994 |