Unrated severityNVD Advisory· Published Oct 9, 2014· Updated May 6, 2026

CVE-2014-8068

Description

Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information.

Affected products

Adobe Inc./Digital Editions
cpe:2.3:a:adobe:digital_editions:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries/nvdVendor Advisory
arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/nvd
secunia.com/advisories/61551nvd
twitter.com/AdobeSecurity/statuses/519826275008282624nvd
exchange.xforce.ibmcloud.com/vulnerabilities/97696nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000