CVE-2023-22232: Adobe Connect Improper Access Control Security feature bypass
First published: Fri Feb 17 2023(Updated: )
Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Connect | >=11.0<=11.4.5 | |
| Adobe Connect | >=12.0<=12.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Adobe Connect vulnerability?
The vulnerability ID of this Adobe Connect vulnerability is CVE-2023-22232.
What is the severity rating of CVE-2023-22232?
CVE-2023-22232 has a severity rating of 5.3, which is considered medium.
Which versions of Adobe Connect are affected by this vulnerability?
Adobe Connect versions 11.0 through 11.4.5, and versions 12.0 through 12.1.5 are affected by this vulnerability.
What is the impact of this vulnerability?
This vulnerability could result in a security feature bypass, impacting the integrity of a minor feature.
Are there any known exploits of this vulnerability?
Yes, there are known exploits of this vulnerability.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/adobe
- canonical/adobe connect
- version/adobe connect/11.0
- version/adobe connect/11.4.5
- version/adobe connect/12.0
- version/adobe connect/12.1.5