CVE-2021-36061 is a vulnerability in Adobe Connect
Published on September 1, 2021
Adobe Connect Violation of Secure Design Principles Vulnerability Can Lead To Editing Or Deleting Recordings
Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user interaction in that a victim must publish a link of a Connect recording.
Vulnerability Analysis
CVE-2021-36061 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Violation of Secure Design Principles
The product violates well-established principles for secure design. This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during implementation. Because code is centered around design, it can be resource-intensive to fix design problems.
Products Associated with CVE-2021-36061
Want to know whenever a new CVE is published for Adobe Connect? stack.watch will email you.
Affected Versions
Adobe Connect:- Version unspecified, <= 11.2.2 is affected.
- Version unspecified, <= None is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.