MEDIUM🇵🇱 Wersja polska

CVE-2021-36061

CVSS 5.4v3.1pub. 2021-09-01upd. 2024-11-21

Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user interaction in that a victim must publish a link of a Connect recording.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
  • Adobe Connect

    APP
    Adobe
    ≤ 11.2.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2026-27303CRITICAL9.6PL ✓ten sam produkt

Adobe Connect — RCE poprzez Deserialization of Untrusted Data

CVE-2026-27245CRITICAL9.3PL ✓ten sam produkt

Reflected XSS w Adobe Connect umożliwiający przejęcie sesji

CVE-2026-27243CRITICAL9.3PL ✓ten sam produkt

Reflected XSS w Adobe Connect umożliwiający przejęcie sesji

CVE-2026-27246CRITICAL9.3PL ✓ten sam produkt

DOM-based XSS w Adobe Connect — przejęcie sesji użytkownika

CVE-2026-34615CRITICAL9.3PL ✓ten sam produkt

Adobe Connect – RCE przez Deserialization of Untrusted Data