Lucene search

AdobeAPSB16-11

HistoryApr 12, 2016 - 12:00 a.m.

APSB16-11 Security update available for the Creative Cloud Desktop Application

2016-04-1200:00:00

helpx.adobe.com

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.288 Low

EPSS

Percentile

96.9%

JSON

Adobe has released a security update for the Creative Cloud Desktop Application for Windows and Macintosh. This update resolves an important vulnerability in the Sync Process for Creative Cloud Libraries that could be abused to remotely read and write files on the client’s file system.

Affected configurations

Vulners

Node

adobecreative_cloud_desktop_applicationRange≤3.5

CPENameOperatorVersion
creative cloud desktop applicationle3.5

CPE	Name	Operator	Version
	creative cloud desktop application	le	3.5

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.288 Low

EPSS

Percentile

96.9%

JSON

Related for APSB16-11