Vulnerability Details CVE-2017-11290
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-11290
-
cpe:2.3:a:adobe:connect:-
-
cpe:2.3:a:adobe:connect:1.0.0.1
-
cpe:2.3:a:adobe:connect:6.0
-
cpe:2.3:a:adobe:connect:6.1
-
cpe:2.3:a:adobe:connect:6.2
-
cpe:2.3:a:adobe:connect:6.3
-
cpe:2.3:a:adobe:connect:7.0
-
cpe:2.3:a:adobe:connect:7.2
-
cpe:2.3:a:adobe:connect:7.3
-
cpe:2.3:a:adobe:connect:7.5
-
cpe:2.3:a:adobe:connect:8.0
-
cpe:2.3:a:adobe:connect:8.1
-
cpe:2.3:a:adobe:connect:8.2
-
cpe:2.3:a:adobe:connect:8.2.1
-
cpe:2.3:a:adobe:connect:8.2.2
-
cpe:2.3:a:adobe:connect:9.0
-
cpe:2.3:a:adobe:connect:9.0.2
-
cpe:2.3:a:adobe:connect:9.0.3
-
cpe:2.3:a:adobe:connect:9.1
-
cpe:2.3:a:adobe:connect:9.1.2
-
cpe:2.3:a:adobe:connect:9.2
-
cpe:2.3:a:adobe:connect:9.3
-
cpe:2.3:a:adobe:connect:9.4.1
-
cpe:2.3:a:adobe:connect:9.4.2
-
cpe:2.3:a:adobe:connect:9.5
-
cpe:2.3:a:adobe:connect:9.5.2
-
cpe:2.3:a:adobe:connect:9.5.3
-
cpe:2.3:a:adobe:connect:9.5.4
-
cpe:2.3:a:adobe:connect:9.5.5
-
cpe:2.3:a:adobe:connect:9.5.6
-
cpe:2.3:a:adobe:connect:9.5.7
-
cpe:2.3:a:adobe:connect:9.6
-
cpe:2.3:a:adobe:connect:9.6.1
-
cpe:2.3:a:adobe:connect:9.6.2