CVE-2018-4921 — Unrestricted File Upload in Adobe Connect

CWE-434 — Unrestricted File Upload3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.6%
top 30.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Connect
Timeline
PublishedMay 19
Latest updateMay 13

Description

Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

â–¶NVDadobe/connect9.7

🔴Vulnerability Details

2
GHSA
GHSA-rqrm-cfh9-q539: Adobe Connect versions 9↗2022-05-13
â–¶
CVEList
CVE-2018-4921: Adobe Connect versions 9↗2018-05-19
â–¶
CVE-2018-4921 — Unrestricted File Upload in Adobe | cvebase