CVE-2018-4993

MEDIUM

Description

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure.

References

http://www.securityfocus.com/bid/104177

http://www.securitytracker.com/id/1040920

https://helpx.adobe.com/security/products/acrobat/apsb18-09.html

Details

Source: MITRE

Published: 2018-07-09

Updated: 2018-08-29

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH