Session token vulnerability in free version?

Question

Hi all,Regarding CVE-2018-19718, I have a user that only requires the free base install to view webinars.As I've discovered when putting it on my own computer, the version number for this iteration of Connect is totally different to the ones referred to in the bulletin (starting 2019...). This leads me to 2 questions:Does this vulnerability apply to this version of Adobe Connect?If so, when is patching anticipated?I did try to get an answer out of the Chat support but the agent timed out on me after 20 minutes. I don't want to risk installing it on a user's machine and getting bodied by the licensing team for installing software with known vulnerabilities, or go purchasing unnecessary licencing for something that requires temporary use.TIA

Jorma_at_Knox · Answer

That notice is for versions 9.8.1 and earlier. Adobe had a fix in place by 9.8.0, and the current version of Connect is 10.1. So if you are on a hosted account, this notice is no longer relevant.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded