Security updates available for Adobe Connect | APSB18-18
Bulletin ID Date Published Priority
APSB18-18 May 8, 2018 2

Summary

An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure.

 

Affected product versions

Product Version Platform
Adobe Connect 9.7.5 and earlier All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users follow the instructions outlined below:

Product Version Platform Priority Availability
Adobe Connect 9.7.5 All 2

Release note

Help page

A mitigation is available to customers by modifying Tomcat filters to control remote access to system configuration files. Please refer to the following help page for more details. An upcoming release of version 9.8.1 will include this change in default deployments.

Vulnerability details

Vulnerability Category Vulnerability Impact Severity CVE Number
Authentication Bypass Sensitive Information disclosure Important CVE-2018-4994