CVE-2023-22232

CVE Database · CVE-2023-22232

CVE-2023-22232

· MEDIUMModified

CVSS v3.1

5.3

EPSS

81.88%

Published

Feb 17, 2023

Modified

Nov 21, 2024

Public PoC / Exploit (4)

All weaponized →

Exploit-DBAdobe Connect 10 - Username Disclosure Exploit-DBAdobe Connect 11.4.5 - Local File Disclosure NucleiNuclei detection template TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-284

Affected Products (2)

adobe · connectvulnerable

References (4)

http://packetstormsecurity.com/files/171390/Adobe-Connect-11.4.5-12.1.5-Local-File-Disclosure.html

https://helpx.adobe.com/security/products/connect/apsb23-05.html

Vendor Advisory

http://packetstormsecurity.com/files/171390/Adobe-Connect-11.4.5-12.1.5-Local-File-Disclosure.html

https://helpx.adobe.com/security/products/connect/apsb23-05.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs