CVE-2023-2679: Data leakage in Adobe connector for SPE edition of SLM
First published: Wed May 17 2023(Updated: )
Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data.
Credit: security@snowsoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Snowsoftware Snow License Manager | >=9.27<9.30 | |
| Microsoft Windows |
Remedy
Hotfix is ready for 9.27.0, 9.27.1, 9.28.0 and 9.29.0. Will be included from 9.30.0
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-2679?
CVE-2023-2679 is a vulnerability in the Adobe connector in Snow Software SPE 9.27.0 on Windows that allows a privileged user to observe other users' data.
What is the severity of CVE-2023-2679?
The severity of CVE-2023-2679 is medium (4.3).
How does CVE-2023-2679 impact Snow Software SPE?
CVE-2023-2679 allows a privileged user to observe other users' data in the Adobe connector of Snow Software SPE 9.27.0 on Windows.
Is Snow License Manager affected by CVE-2023-2679?
Yes, Snow License Manager version 9.27.0 to 9.30.0 is affected by CVE-2023-2679.
Is Microsoft Windows affected by CVE-2023-2679?
No, Microsoft Windows is not vulnerable to CVE-2023-2679.
How can I fix CVE-2023-2679?
To fix CVE-2023-2679, it is recommended to update Snow Software SPE to a version above 9.30.0.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/title
- agent/remedy
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/snowsoftware
- canonical/snowsoftware snow license manager
- version/snowsoftware snow license manager/9.27
- vendor/microsoft
- canonical/microsoft windows