CVE-2021-36061

MEDIUM Year: 2021
CVSS v3 Score
5.4
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-657
View all →

Vulnerability Description

Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user interaction in that a victim must publish a link of a Connect recording.

Related Vulnerabilities

CVE-2019-5478

MEDIUM
CVSS:5.5(Medium)

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boo...

CWE-6572019

CVE-2017-6032

MEDIUM
CVSS:5.3(Medium)

A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-fo...

CWE-6572017

CVE-2020-8133

MEDIUM
CVSS:5.3(Medium)

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.

CWE-6572020

CVE-2022-30683

MEDIUM
CVSS:5.3(Medium)

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism...

CWE-6572022

CVE-2019-15611

MEDIUM
CVSS:4.9(Medium)

Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifica...

CWE-6572019

CVE-2022-28244

MEDIUM
CVSS:6.3(Medium)

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content se...

CWE-6572022