PT-2023-7164 · Adobe · Robohelp Server

Published

2023-11-14

Updated

2023-11-22

CVE-2023-22272

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Adobe RoboHelp Server versions 11.4 and earlier

Description The issue is related to insufficient input validation in Adobe RoboHelp Server, which can be exploited by a remote attacker to gain access to confidential information. This exploitation does not require any user interaction.

Recommendations For Adobe RoboHelp Server versions 11.4 and earlier, update to a version later than 11.4 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2023-08191

CVE-2023-22272

ZDI-23-1650

Affected Products

Robohelp Server

PT-2023-7164 · Adobe · Robohelp Server

CVE-2023-22272

Weakness Enumeration

Related Identifiers

Affected Products

References · 6