← volver
CVE-2024-47423

Adobe Framemaker | Unrestricted Upload of File with Dangerous Type (CWE-434)

CVSS 7.8 HIGHEPSS 0.3%CWE-434
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.8EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
09 oct 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which can be automatically processed or executed by the system. Exploitation of this issue requires user interaction.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Productos afectados
Adobe · Adobe Framemaker