Adobe Monthly Security Update (October 2023)
Release Date:
11 Oct 2023
4418
Views
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
Adobe Bridge | Low Risk | Information Disclosure | APSB23-49 | |
Adobe Commerce | Medium Risk | Elevation of Privilege Cross-site Scripting Security Restriction Bypass Remote Code Execution Denial of Service Information Disclosure | APSB23-50 | |
Adobe Photoshop | Low Risk | Remote Code Execution | APSB23-51 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 1
Number of 'Low Risk' product(s): 2
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Denial of Service
- Cross-Site Scripting
- Information Disclosure
- Elevation of Privilege
- Security Restriction Bypass
System / Technologies affected
- Adobe Bridge 12.0.4 and earlier versions
- Adobe Bridge 13.0.3 and earlier versions
- Adobe Commerce 2.4.7-beta1 and earlier versions
- Adobe Commerce 2.4.6-p2 and earlier versions
- Adobe Commerce 2.4.5-p4 and earlier versions
- Adobe Commerce 2.4.4-p5 and earlier versions
- Adobe Commerce 2.4.3-ext-4 and earlier versions
- Adobe Commerce 2.4.2-ext-4 and earlier versions
- Adobe Commerce 2.4.1-ext-4 and earlier versions
- Adobe Commerce 2.4.0-ext-4 and earlier versions
- Adobe Commerce 2.3.7-p4-ext-4 and earlier versions
- Magento Open Source 2.4.7-beta1 and earlier versions
- Magento Open Source 2.4.6-p2 and earlier versions
- Magento Open Source 2.4.5-p4 and earlier versions
- Magento Open Source 2.4.4-p5 and earlier versions
- Adobe Photoshop 2022 23.5.5 and earlier versions
- Adobe Photoshop 2023 24.7 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
Vulnerability Identifier
Source
Related Link
Related Tags
Share with