CVE-2021-28579

Name of the Vulnerable Software and Affected Versions Adobe Connect versions 11.2.1 and earlier

Description The issue is related to improper access control in Adobe Connect, which can lead to the elevation of privileges. An attacker with Learner permissions can exploit this to access the list of event participants. The vulnerability is associated with deficiencies in access control, allowing a remote attacker to increase their privileges.

Recommendations For Adobe Connect versions 11.2.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to sensitive features that can be exploited by users with Learner permissions to minimize the risk of exploitation.