CVE-2022-30670

CWE-2853 documents3 sources
Severity
8.8HIGH
EPSS
0.8%
top 25.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Robohelp ServerAdobe Robohelp
Timeline
PublishedJun 16
Latest updateJun 17

Description

RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/robohelpunspecified<RHS11U3+1

🔴Vulnerability Details

2
GHSA
GHSA-w7w4-2cm6-989v: RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation2022-06-17
CVEList
Escalate Privileges to Server Admin - Robohelp Server2022-06-16
CVE-2022-30670 (HIGH CVSS 8.8) | RoboHelp Server earlier versions th | cvebase.io