Adobe has released a security update for Adobe Connect. This update resolves an important authentication bypass vulnerability (CVE-2018-4994), which could result in sensitive information disclosure if successfully exploited. This update also resolves an important session management vulnerability due to inadequate validation of Connect meeting session tokens. Finally, the Connect add-in installer prior to 9.7 insecurely loads DLL files, which could be abused to escalate local privileges.
CPE | Name | Operator | Version |
---|---|---|---|
adobe connect | le | 9.7 |