Skip to main content

Special Announcement

  • 25 Jun 2024

    Announcement for Change of Chinese Name

    Please note that the Chinese name of HKCERT is changed from 「香港電腦保安事故協調中心」 to 「香港網絡安全事故協調中心」 with immediate effect.

    The English name, abbreviation, web address and email address remained unchanged.

Adobe Monthly Security Update (March 2024)

Release Date: 13 Mar 2024 2899 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe Experience ManagerMedium Risk Medium RiskCross-site Scripting
Remote Code Execution
Security Restriction Bypass
 APSB24-05
Adobe Premiere ProMedium Risk Medium RiskRemote Code Execution APSB24-12
Adobe ColdFusionMedium Risk Medium RiskInformation Disclosure APSB24-14
Adobe BridgeMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB24-15
Adobe LightroomMedium Risk Medium RiskRemote Code Execution APSB24-17
Adobe AnimateMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB24-19

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 6

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Cross-Site Scripting
  • Information Disclosure

System / Technologies affected

  • Adobe Experience Manager (AEM) AEM Cloud Service (CS)
  • Adobe Experience Manager (AEM) 6.5.19.0 and earlier versions
  • Adobe Premiere Pro 24.1 and earlier versions
  • Adobe Premiere Pro 23.6.2 and earlier versions
  • ColdFusion 2023 Update 6 and earlier versions
  • ColdFusion 2021 Update 12 and earlier versions
  • Adobe Bridge  13.0.5 and earlier versions
  • Adobe Bridge  14.0.1 and earlier versions
  • Lightroom 7.1.2 and earlier versions
  • Adobe Animate 2023 23.0.3 and earlier versions
  • Adobe Animate 2024 24.0 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier


Source


Related Link