CVE-2022-30670: Escalate Privileges to Server Admin - Robohelp Server
First published: Thu Jun 16 2022(Updated: )
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe RoboHelp Server | <11 | |
| Adobe RoboHelp Server | =11 | |
| Adobe RoboHelp Server | =11-update1 | |
| Adobe RoboHelp Server | =11-update2 | |
| Adobe RoboHelp Server | =11-update3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-30670.
What is the severity of CVE-2022-30670?
The severity of CVE-2022-30670 is critical with a CVSS score of 8.8.
Which software versions are affected by CVE-2022-30670?
RoboHelp Server earlier versions than RHS 11 Update 3 are affected.
What is the impact of CVE-2022-30670?
The vulnerability could lead to privilege escalation, allowing an attacker to achieve full administrator privileges.
Is exploitation of CVE-2022-30670 difficult?
Exploitation of this vulnerability does not require user interaction.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/title
- agent/softwarecombine
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- vendor/adobe
- canonical/adobe robohelp server
- version/adobe robohelp server/11
- version/adobe robohelp server/11-update1
- version/adobe robohelp server/11-update2
- version/adobe robohelp server/11-update3
- vendor/microsoft
- canonical/microsoft windows