Open Redirect Vulnerability in Adobe RoboHelp Products
CVE-2017-3105

6.1MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Robohelp Rh2017.0.1 And Earlier Versions
Vendor
CVE Published:
1 December 2017

Summary

Adobe RoboHelp contains an Open Redirect vulnerability that allows attackers to bypass intended URL restrictions, potentially leading users to malicious sites. This affects multiple versions of the software, specifically those prior to RH12.0.4.460 and RH2017 before RH2017.0.2. Users are advised to update their software to mitigate this risk and protect sensitive information.

Affected Version(s)

Adobe RoboHelp RH2017.0.1 and earlier Adobe RoboHelp RH2017.0.1 and earlier versions

References

http://www.securityfocus.com/bid/100709
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039319
vdb-entryx_refsource_SECTRACK
https://helpx.adobe.com/security/products/robohelp/apsb17...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.