CVE-2024-54038

Name of the Vulnerable Software and Affected Versions: Adobe Connect versions 11.4.7 and earlier Adobe Connect version 12.6

Description: The issue is related to an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. The vulnerability may allow a remote attacker to bypass existing security restrictions and gain unauthorized access to protected information.

Recommendations: For Adobe Connect versions 11.4.7 and earlier, update to a version later than 11.4.7 to resolve the issue. For Adobe Connect version 12.6, update to a version later than 12.6 to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and security features until a patch is available.