PT-2024-1755 · Adobe · Framemaker Publishing Server
Published
2024-02-13
·
Updated
2024-03-15
·
CVE-2024-20738
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe FrameMaker Publishing Server versions 2022.1 and earlier
Description
The issue is related to an Improper Authentication vulnerability in the Adobe FrameMaker Publishing Server. This vulnerability could allow a remote attacker to bypass existing security restrictions, potentially gaining unauthorized access by leveraging the vulnerability to bypass authentication mechanisms. Exploitation of this issue does not require user interaction.
Recommendations
For Adobe FrameMaker Publishing Server versions 2022.1 and earlier, update to a version later than 2022.1 to resolve the issue. As a temporary workaround, consider restricting access to the authentication mechanisms until a patch is available.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Framemaker Publishing Server