Lucene search
HistoryNov 17, 2023 - 1:15 p.m.
CVE-2023-22274
adobe robohelp server
xxe vulnerability
cve-2023-22274
information disclosure
unauthenticated attacker
exploitation
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
48.1%
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
Affected configurations
Node
adoberobohelp_serverRange≤11.4
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | robohelp_server | * | cpe:2.3:a:adobe:robohelp_server:*:*:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
Related
prion
prion
Xxe
2023-11-17 13:15:00
zdi
zdi
cve
cve
CVE-2023-22274
2023-11-17 13:15:08
cvelist
cvelist
vulnrichment
vulnrichment
adobe
adobe
APSB23-53 : Security update available for Adobe RoboHelp Server
2023-11-14 00:00:00
openvas
openvas
Adobe RoboHelp Server < 11.5 Multiple Vulnerabilities (APSB23-53)
2023-11-20 00:00:00
nessus
nessus
Adobe RoboHelp Server < 11 Update 5 Multiple Vulnerabilities (APSB23-53)
2023-11-17 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
48.1%
Related for NVD:CVE-2023-22274