Adobe Security Bulletin

Security updates available for Adobe Connect | APSB18-18

Bulletin ID

Date Published

Priority

APSB18-18

May 8, 2018

2

Summary

An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure.

 

Affected product versions

Product

Version

Platform

Adobe Connect

9.7.5 and earlier

All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users follow the instructions outlined below:

Product

Version

Platform

Priority

Availability

Adobe Connect

9.7.5

All

2

A mitigation is available to customers by modifying Tomcat filters to control remote access to system configuration files. Please refer to the following help page for more details. An upcoming release of version 9.8.1 will include this change in default deployments.

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Authentication Bypass

Sensitive Information disclosure

Important

CVE-2018-4994

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online