cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

CVE-2022-22965 Vulneraability

MIKE23893867xl56
New Here ,
Apr 04, 2022 Apr 04, 2022

Hi,

 

Its been reported that Adobe Connect is vulnerable to CVE-2022-22965. Has there been any update or response from Adobe about it?

652
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
Jorma_at_CoSo
LEGEND ,
Apr 05, 2022 Apr 05, 2022

I can't find any report of Connect being vunerable to this issue. Can you share where you got that information? From what I can find on this it is generally applicable to Tomcat, which Connect does use, but Adobe Connect is not called out as an application that is affected. 

https://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2022-22965 

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MIKE23893867xl56
New Here ,
Apr 05, 2022 Apr 05, 2022
LATEST
In Response To Jorma_at_CoSo

I think you are right. It was reported by an internal scan that found spring-core-5.3.2.jar which is in the exploit report.

 

The prerequistites included using JDK 9 and being deployed as a WAR which I don't think Connect does either.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices