Adobe Monthly Security Update (October 2022)
Release Date: 12 Oct 2022
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe ColdFusion |  Medium Risk | Remote Code Execution Information Disclosure Elevation of Privilege Security Restriction Bypass Data Manipulation | APSB22-44 | |
| Adobe Acrobat and Reader | Medium Risk | Denial of Service Information Disclosure Remote Code Execution | APSB22-46 | |
| Magento | Medium Risk | Cross-site Scripting Remote Code Execution | APSB22-48 | |
| Adobe Animate | Medium Risk | Remote Code Execution Information Disclosure | APSB22-57 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 4
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Information Disclosure
- Elevation of Privilege
- Security Restriction Bypass
- Data Manipulation
- Denial of Service
- Cross-Site Scripting
System / Technologies affected
- Adobe ColdFusion 2018 Update 14 and earlier versions
- Adobe ColdFusion 2021 Update 4 and earlier versions
- Adobe Acrobat DC 22.002.20212 and earlier versions
- Adobe Acrobat Reader DC 22.002.20212 and earlier versions
- Adobe Acrobat 2020 20.005.30381 and earlier versions
- Adobe Acrobat Reader 2020 20.005.30381 and earlier versions
- Adobe Commerce 2.4.4-p1 and earlier versions
- Adobe Commerce 2.4.5 and earlier versions
- Adobe Magento Open Source 2.4.4-p1 and earlier versions
- Adobe Magento Open Source 2.4.5 and earlier versions
- Adobe Dimension 3.4.5 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言