CVE-2023-44324

Summary

Adobe FrameMaker Publishing Server versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's password. Exploitation of this issue does not require user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeAdobe Framemaker Publishing Server0 <= v2022affected

Weaknesses

  • CWE-287: Improper Authentication (CWE-287)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References