9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.1 Low
EPSS
Percentile
94.9%
The version of Adobe FrameMaker installed on the remote Windows host is 2019 release prior or equal to 15.0.8, or 2020 release 16.0.4. It is, therefore, potentially affected by multiple arbitrary code execution vulnerabilities due to out-of-bounds writes as well as a memory leak vulnerability due to an out-of-bounds-read, as referenced in the APSB22-27 advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(161175);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/08");
script_cve_id(
"CVE-2022-28821",
"CVE-2022-28822",
"CVE-2022-28823",
"CVE-2022-28824",
"CVE-2022-28825",
"CVE-2022-28826",
"CVE-2022-28827",
"CVE-2022-28828",
"CVE-2022-28829",
"CVE-2022-28830"
);
script_xref(name:"IAVB", value:"2022-B-0013-S");
script_name(english:"Adobe FrameMaker 2019 <= 15.0.8 (2019.0.8) / Adobe FrameMaker 2020 <= 16.0.4 (2020.0.4) Multiple Vulnerabilities (APSB22-27)");
script_set_attribute(attribute:"synopsis", value:
"The remote install of Adobe FrameMaker has multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Adobe FrameMaker installed on the remote Windows host is 2019 release prior or equal to 15.0.8, or 2020
release 16.0.4. It is, therefore, potentially affected by multiple arbitrary code execution vulnerabilities due to
out-of-bounds writes as well as a memory leak vulnerability due to an out-of-bounds-read, as referenced in the APSB22-27
advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/framemaker/apsb22-27.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe FrameMaker version 15.0.9, 16.0.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-28829");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-28826");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(125, 416, 787);
script_set_attribute(attribute:"vuln_publication_date", value:"2022/05/10");
script_set_attribute(attribute:"patch_publication_date", value:"2022/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:framemaker");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("adobe_framemaker_installed.nbin");
script_require_keys("installed_sw/Adobe FrameMaker", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'Adobe FrameMaker', win_local:TRUE);
# Due to unique hotfix scenario, we are temporarily adding this paranoid condition
if (app_info['version'] =~ "(15\.0\.8|16\.0\.4)([^0-9]|$)" && report_paranoia < 2)
audit(AUDIT_POTENTIAL_VULN, 'Adobe FrameMaker');
var constraints = [
{ 'fixed_version' : '15.0.9', 'fixed_display' : '15.0.8 / 2019.0.8 / 2019 Update 8 (hotfix)' },
{ 'min_version' : '16.0.0', 'fixed_version' : '16.0.5', 'fixed_display' : '16.0.4 / 2020.0.4 / 2020 Update 4 (hotfix)' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | framemaker | cpe:/a:adobe:framemaker |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28827
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28830
helpx.adobe.com/security/products/framemaker/apsb22-27.html
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.1 Low
EPSS
Percentile
94.9%