Headline
CVE-2023-22232: Adobe Security Bulletin
Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.
Security update available for Adobe Connect | APSB23-05
Bulletin ID
Date Published
Priority
APSB23-05
February 14, 2023
3
Summary
Adobe has released a security update for Adobe Connect. This update resolves an important vulnerability. Successful exploitation could lead to security feature bypass.
Affected product versions
Product
Version
Platform
Adobe Connect
11.4.5 and earlier versions
All
Adobe Connect
12.1.5 and earlier versions
All
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version.
Vulnerability details
Vulnerability Category
Vulnerability Impact
Severity
CVSS base score
CVSS vector
CVE Number
Improper Access Control (CWE-284)
Security feature bypass
Important
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2023-22232
Acknowledgments
Adobe would like to thank the following for reporting these issues and for working with Adobe to help protect our customers:
For more information, visit https://helpx.adobe.com/security.html, or email [email protected].
Related news
Adobe Connect versions 11.4.5 and below as well as versions 12.1.5 and below suffer from a file disclosure vulnerability.