Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.
History

Thu, 19 Dec 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe connect
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*
Vendors & Products Adobe
Adobe connect

Wed, 11 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 10 Dec 2024 21:00:00 +0000

Type Values Removed Values Added
Description Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.
Title Adobe Connect | Improper Access Control (CWE-284)
Weaknesses CWE-284
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-12-10T20:42:07.558Z

Updated: 2024-12-11T14:44:04.609Z

Reserved: 2024-11-27T16:21:41.943Z

Link: CVE-2024-54038

cve-icon Vulnrichment

Updated: 2024-12-11T14:43:56.708Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-10T21:15:21.210

Modified: 2024-12-19T18:58:38.737

Link: CVE-2024-54038

cve-icon Redhat

No data.