Skip to main content

Livecycle Es4

1 CVEs product

Monthly

CVE-2023-28500 CRITICAL Act Now

A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java RCE Adobe Deserialization Livecycle Es4
NVD
CVSS 3.1
9.8
EPSS
1.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java RCE Adobe +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy