[technology taskforce] Security updates available for Adobe Connect | APSB18-18
Dev Anand Teelucksingh
devtee at gmail.com
Tue May 8 17:05:03 UTC 2018
Nothing to do from the end user end, but FYI
https://helpx.adobe.com/security/products/connect/apsb18-18.html
An important authentication bypass vulnerability (CVE-2018-4994)
exists in Adobe Connect versions 9.7.5 and earlier. Successful
exploitation of this vulnerability could result in sensitive
information disclosure.
>From https://helpx.adobe.com/adobe-connect/kb/update-for-adobe-connect-now-available-includes-latest-security-.html
During our security testing, it was discovered that Adobe Connect may
allow access to some Adobe Connect configuration console pages without
requiring authentication. These pages are read-only but display
information regarding the Adobe Connect Database account as well as
other configuration pages. Without direct access to the database, the
information cannot be accessed. However, we recommend following the
below steps to control access to these pages.
More information about the ttf
mailing list