CVE-2023-22232

MEDIUM NUCLEI

Adobe Connect <11.4.5, 12.1.5 - Auth Bypass

Title source: llm

Description

Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.

Exploits (2)

exploitdb WRITEUP

by h4shur · textwebappsmultiple

https://www.exploit-db.com/exploits/51327

View Code ZIP pw:eip

exploitdb WRITEUP

by h4shur · textwebappsmultiple

https://www.exploit-db.com/exploits/49550

View Code ZIP pw:eip

Nuclei Templates (1)

Adobe Connect < 12.1.5 - Local File Disclosure

MEDIUMVERIFIEDby 0xr2r

Shodan: title:"Adobe Connect" || http.title:"openvpn connect"

FOFA: title="openvpn connect"

References (2)

[Vendor Advisory] https://helpx.adobe.com/security/products/connect/apsb23-05.html

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/171390/Adobe-Connect-11.4.5-12.1.5-Local-File-Disclosure.html

Scores

CVSS v3 5.3

EPSS 0.8837

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-284

Status published

Products (1)

adobe/connect 11.0 - 11.4.5

Published Feb 17, 2023

Tracked Since Feb 18, 2026