CVE-2024-30314: Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
First published: Thu May 16 2024(Updated: )
Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Adobe Dreamweaver | <21.4 | |
| Any of | ||
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-30314?
CVE-2024-30314 has a high severity rating due to its potential for arbitrary code execution.
How do I fix CVE-2024-30314?
To fix CVE-2024-30314, update Adobe Dreamweaver to version 21.4 or later.
What software versions are impacted by CVE-2024-30314?
CVE-2024-30314 affects Adobe Dreamweaver versions 21.3 and earlier.
What could an attacker achieve by exploiting CVE-2024-30314?
Exploitation of CVE-2024-30314 could enable an attacker to execute arbitrary code on the affected system.
Does CVE-2024-30314 require user interaction for exploitation?
Yes, exploitation of CVE-2024-30314 requires user interaction.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/source
- vendor/adobe
- canonical/adobe dreamweaver
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows