CVE-2019-8237
CRITICALAdobe Acrobat and Reader DC < 15.006.30499, 15.008.20082-19.012.20036 - Security Feature Bypass via Weak Encryption
Title source: llmDescription
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an insufficiently robust encryption vulnerability. Successful exploitation could lead to security feature bypass.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/acrobat/apsb19-41.html
Scores
CVSS v3
9.8
EPSS
0.0280
EPSS Percentile
84.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-327
Status
published
Products (4)
adobe/acrobat_dc
15.006.30060 - 15.006.30499
adobe/acrobat_dc
15.008.20082 - 19.012.20036
adobe/acrobat_reader_dc
15.006.30060 - 15.006.30499
adobe/acrobat_reader_dc
15.008.20082 - 19.012.20036
Published
Oct 23, 2019
Tracked Since
Feb 18, 2026