First published: Fri Nov 17 2023(Updated: )
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe RoboHelp Server | <=11.4 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-22272.
The title of the vulnerability is ZDI-CAN-21309: Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure.
Adobe RoboHelp Server versions 11.4 and earlier are affected by this vulnerability.
The severity of CVE-2023-22272 is high with a CVSS score of 7.5.
An unauthenticated attacker can exploit this vulnerability to disclose information without user interaction.
You can find more information about this vulnerability at the following URL: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
The CWE ID associated with this vulnerability is CWE-20.