Lucene search
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ADOBE_CREATIVE_CLOUD_APSB20-68.NASLHistoryOct 22, 2020 - 12:00 a.m.
Adobe Creative Cloud Desktop < 5.3 Arbitrary Code Execution (APSB20-68)
2020-10-2200:00:00
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
The version of Adobe Creative Cloud Desktop installed on the remote Windows host is prior to version 5.3.
It is, therefore, affected by arbitrary code execution vulnerability.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(141805);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/03");
script_cve_id("CVE-2020-24422");
script_xref(name:"IAVA", value:"2020-A-0484-S");
script_name(english:"Adobe Creative Cloud Desktop < 5.3 Arbitrary Code Execution (APSB20-68)");
script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of Adobe Creative Cloud Desktop installed on the remote Windows host is prior to version 5.3.
It is, therefore, affected by arbitrary code execution vulnerability.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/creative-cloud/apsb20-68.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Creative Cloud Desktop version 5.3.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-24422");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/20");
script_set_attribute(attribute:"patch_publication_date", value:"2020/10/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/22");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:creative_cloud");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("adobe_creative_cloud_installed.nbin");
script_require_keys("installed_sw/Adobe Creative Cloud");
exit(0);
}
include('vcf.inc');
app = 'Adobe Creative Cloud';
app_info = vcf::get_app_info(app:app, win_local:TRUE);
constraints = [
{'fixed_version' : '5.3' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | creative_cloud | cpe:/a:adobe:creative_cloud |
Related
adobe
adobe
cve
cve
CVE-2020-24422
2020-10-21 20:15:00
prion
prion
Design/Logic Flaw
2020-10-21 20:15:00
threatpost
threatpost
Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
2020-10-20 18:31:55
Related for ADOBE_CREATIVE_CLOUD_APSB20-68.NASL