CVE-2023-22272

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGH
EPSS
0.4%
top 42.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe RobohelpAdobe Robohelp Server
Timeline
PublishedNov 17

Description

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5adobe/robohelpRHS 11.4

🔴Vulnerability Details

2
CVEList
ZDI-CAN-21309: Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure Vulnerability2023-11-17
GHSA
GHSA-hph3-qw97-9mfg: Adobe RoboHelp Server versions 112023-11-17
CVE-2023-22272 (HIGH CVSS 7.5) | Adobe RoboHelp Server versions 11.4 | cvebase.io