Adobe Creative Cloud Desktop < 4.6.1 Privilege Escalation Vulnerability (APSB18-32)

Medium Nessus Plugin ID 112191

Synopsis

An application installed on the remote host is affected by a privilege escalation vulnerability.

Description

The version of Adobe Creative Cloud Desktop installed on the remote Windows host is prior to 4.6.1. It is, therefore, affected by a privilege escalation vulnerability as noted in the APSB18-32 advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Creative Cloud Desktop version 4.6.1 or later.

See Also

http://www.nessus.org/u?60493a6d

Plugin Details

Severity: Medium

ID: 112191

File Name: adobe_creative_cloud_4_6_1.nasl

Version: 1.2

Type: local

Agent: windows

Family: Windows

Published: 2018/08/30

Modified: 2018/09/17

Dependencies: 91388

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Score based on analysis of the vendor advisory.

CVSS v2.0

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:adobe:creative_cloud

Required KB Items: installed_sw/Adobe Creative Cloud

Patch Publication Date: 2018/08/28

Vulnerability Publication Date: 2018/08/28

Reference Information

CVE: CVE-2018-12829

IAVA: 2018-A-0279