CVE-2017-11291Server-Side Request Forgery in Adobe Connect

CWE-918Server-Side Request Forgery3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
2.1%
top 15.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Connect
Timeline
PublishedDec 9
Latest updateMay 17

Description

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.8

Affected Packages1 packages

NVDadobe/connect9.6.2

🔴Vulnerability Details

2
GHSA
GHSA-64gr-f76r-4fqw: An issue was discovered in Adobe Connect 92022-05-17
CVEList
CVE-2017-11291: An issue was discovered in Adobe Connect 92017-12-09
CVE-2017-11291 — Server-Side Request Forgery in Adobe | cvebase