Adobe Security Bulletin

On this page

Summary
Affected product versions
Solution
Vulnerability details
Acknowledgments
Revisions

Applies to: Adobe Connect

某些 Creative Cloud 应用程序、服务和功能在中国不可用。

Security updates available for Adobe Connect | APSB21-19

Bulletin ID	Date Published	Priority
APSB21-19	March 09, 2021	3

Adobe has released a security update for Adobe Connect. This update resolves a critical and an important vulnerability. Successful exploitation could lead to arbitrary JavaScript execution within the context of the victim's browser.             

Product	Version	Platform
Adobe Connect	11.0.5 and earlier versions	All

Adobe categorizes these updates with the following  priority ratings and recommends users update their installation to the newest version:

Product	Version	Platform	Priority	Availability
Adobe Connect	11.2	All	3	Release note

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Improper Input Validation

Arbitrary code execution

Critical

CVE-2021-21085

Reflected cross-site scripting

Arbitrary JavaScript execution in the browser

Important

CVE-2021-21079

CVE-2021-21080

CVE-2021-21081

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

Lemonoftroy (CVE-2021-21079)   
kickass (janthraper)(CVE-2021-21085) 
Muhammed Ahmed (elpast) (CVE-2021-21080, CVE-2021-21081)

March 09, 2021: Updated CVE id from CVE-2021-21078 to CVE-2021-21085

Adobe Security Bulletin

Summary

Affected product versions

Solution

Vulnerability details

Acknowledgments

Revisions

Ask the Community

Contact Us