Skip to main content

Adobe Monthly Security Update (October 2023)

Release Date: 11 Oct 2023 4418 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe BridgeLow Risk Low RiskInformation Disclosure APSB23-49
Adobe CommerceMedium Risk Medium RiskElevation of Privilege
Cross-site Scripting
Security Restriction Bypass
Remote Code Execution
Denial of Service
Information Disclosure
 APSB23-50
Adobe PhotoshopLow Risk Low RiskRemote Code Execution APSB23-51

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 1

Number of 'Low Risk' product(s): 2

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Remote Code Execution
  • Denial of Service
  • Cross-Site Scripting
  • Information Disclosure
  • Elevation of Privilege
  • Security Restriction Bypass

System / Technologies affected

  • Adobe Bridge  12.0.4 and earlier versions
  • Adobe Bridge  13.0.3 and earlier versions
  • Adobe Commerce 2.4.7-beta1 and earlier versions
  • Adobe Commerce 2.4.6-p2 and earlier versions
  • Adobe Commerce 2.4.5-p4 and earlier versions
  • Adobe Commerce 2.4.4-p5 and earlier versions
  • Adobe Commerce 2.4.3-ext-4 and earlier versions
  • Adobe Commerce 2.4.2-ext-4 and earlier versions
  • Adobe Commerce 2.4.1-ext-4 and earlier versions
  • Adobe Commerce 2.4.0-ext-4 and earlier versions
  • Adobe Commerce 2.3.7-p4-ext-4 and earlier versions
  • Magento Open Source 2.4.7-beta1 and earlier versions
  • Magento Open Source 2.4.6-p2 and earlier versions
  • Magento Open Source 2.4.5-p4 and earlier versions
  • Magento Open Source 2.4.4-p5 and earlier versions
  • Adobe Photoshop 2022 23.5.5 and earlier versions
  • Adobe Photoshop 2023 24.7 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier


Source


Related Link