CVE-2018-4991

CWE-295Improper Certificate Validation3 documents3 sources
Severity
9.8CRITICAL
EPSS
2.2%
top 15.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Creative Cloud
Timeline
PublishedMay 19
Latest updateMay 14

Description

Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. Successful exploitation could lead to a security bypass.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5creative_cloud_desktop_application_4.4.1.298_and_earlier_versionsCreative Cloud Desktop Application 4.4.1.298 and earlier versions
NVDadobe/creative_cloud4.4.1.298

🔴Vulnerability Details

2
GHSA
GHSA-xqw6-233f-6mq4: Adobe Creative Cloud Desktop Application versions 42022-05-14
CVEList
CVE-2018-4991: Adobe Creative Cloud Desktop Application versions 42018-05-19
CVE-2018-4991 (CRITICAL CVSS 9.8) | Adobe Creative Cloud Desktop Applic | cvebase.io