CVE-2018-4923OS Command Injection in Adobe Connect

CWE-78OS Command Injection3 documents3 sources
Severity
9.1CRITICALNVD
EPSS
10.9%
top 6.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Connect
Timeline
PublishedMay 19
Latest updateMay 14

Description

Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

NVDadobe/connect9.7

🔴Vulnerability Details

2
GHSA
GHSA-68r8-v7h5-8r8x: Adobe Connect versions 92022-05-14
CVEList
CVE-2018-4923: Adobe Connect versions 92018-05-19
CVE-2018-4923 — OS Command Injection in Adobe Connect | cvebase