Adobe Framemaker Publishing Server Vulnerability Could Lead to Privilege Escalation
CVE-2024-30300

9.8CRITICAL

Key Information:

Vendor: Adobe
Status: Adobe Framemaker Publishing Server
Vendor: CVE Published:; 13 June 2024

What is CVE-2024-30300?

Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are impacted by an Information Exposure vulnerability, identified as CWE-200. This vulnerability can be exploited by malicious actors to gain unauthorized access to sensitive system or user information. The exploitation can occur without the need for user interaction, making it particularly concerning for system administrators. Timely updates and patches are recommended to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Adobe Framemaker Publishing Server 0 <= 2022.2

References

https://helpx.adobe.com/security/products/framemaker-publ...

vendor-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2024
Vulnerability Reserved
Mar 26, 2024