Adobe Robohelp Vulnerabilidad

Cronología

Versión

7	7
8	5
6	5
2020.0.0	3
2020.0.1	3

Contramedidas

Official Fix	19
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	7

Explotabilidad

High	2
Functional	0
Proof-of-Concept	7
Unproven	0
Not Defined	17

Vector de acceso

Not Defined	0
Physical	0
Local	1
Adjacent	4
Network	21

Autenticación

Not Defined	0
High	0
Low	8
None	18

La interacción del usuario

Not Defined	0
Required	15
None	11

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	10
≤6	5
≤7	8
≤8	1
≤9	0
≤10	2

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	3
≤5	8
≤6	6
≤7	6
≤8	1
≤9	0
≤10	2

VulDB

≤1	0
≤2	0
≤3	0
≤4	1
≤5	14
≤6	4
≤7	5
≤8	0
≤9	0
≤10	2

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	3
≤8	2
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	3
≤8	4
≤9	1
≤10	0

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	0
<2k	0
<5k	23
<10k	2
<25k	1
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	25
<2k	0
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

Affected Versions (43): 6, 7, 8, 8.0.1, 8.0.2, 9, 9.0, 9.0.0.228, 9.0.1, 9.0.1.232, 9.0.2, 10.0, 11, 11 Update 2, 202, 2015, 2015.0.1, 2015.0.2, 2015.0.3, 2019, 2019.0.1, 2019.0.2, 2019.0.3, 2019.0.4, 2019.0.5, 2019.0.6, 2019.0.7, 2019.0.8, 2019.0.9, 2020.0.1, 2020.0.2, 2020.0.3, 2020.0.4, 2020.0.5, 2020.0.6, 2020.0.7, RH12, RH12.0.1, RH12.0.2, RH12.0.3, RH12.0.4, RH2017, X5

Link to Product Website: https://www.adobe.com/

Fecha de publicación	Base	Temp	Vulnerabilidad	0day	Hoy	Exp	Con	CTI	CVE
2023-11-15	6.5	6.4	Adobe RoboHelp Server GetNewUserId sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22275
2023-11-15	5.5	5.4	Adobe RoboHelp Server resolveDistinguishedName escalada de privilegios	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22272
2023-11-15	6.5	6.4	Adobe RoboHelp Server UpdateCommandStream XML External Entity	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-22274
2023-11-15	6.0	5.9	Adobe RoboHelp Server getRHSGroupsForRoles sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22268
2023-11-15	6.7	6.6	Adobe RoboHelp Server directory traversal	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22273
2022-07-16	5.2	5.1	Adobe RoboHelp cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-23201
2022-06-16	6.4	6.2	Adobe RoboHelp Server escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-30670
2021-11-22	7.5	7.4	Adobe RoboHelp Server Tomcat directory traversal	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-42727
2021-06-28	6.3	6.3	Adobe RoboHelp Server HTTP POST Request directory traversal	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-28588
2021-04-19	6.1	5.9	Adobe Robohelp escalada de privilegios	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-21070