PT-2023-7163 · Adobe · Framemaker Publishing Server
Published
2023-11-15
·
Updated
2024-03-15
·
CVE-2023-44324
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe FrameMaker Publishing Server versions 2022 and earlier
Description
The issue is related to an improper authentication vulnerability that could result in a security feature bypass. An unauthenticated attacker can exploit this to access the API and leak the default admin's password. Exploitation of this issue does not require user interaction.
Recommendations
For Adobe FrameMaker Publishing Server versions 2022 and earlier, update to a version that includes a fix for the improper authentication vulnerability to prevent security feature bypass.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Framemaker Publishing Server