Code Injection Vulnerability in Adobe Campaign Software
CVE-2017-2968

9.1CRITICAL

Key Information:

Vendor: Adobe
Status: Adobe Campaign 16.4 Build 8724 And Earlier.
Vendor: CVE Published:; 15 February 2017

What is CVE-2017-2968?

Adobe Campaign versions 16.4 Build 8724 and earlier contain a code injection vulnerability that can be exploited by unauthorized users to execute arbitrary code. This flaw poses significant risks to data integrity and security within the Adobe Campaign platform. It is crucial for users to be aware of this vulnerability and to implement appropriate measures to mitigate potential exploitation by malicious actors.

Affected Version(s)

Adobe Campaign 16.4 Build 8724 and earlier. Adobe Campaign 16.4 Build 8724 and earlier.

References

http://www.securityfocus.com/bid/96197

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/campaign/apsb17...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2017
Vulnerability Reserved
Dec 2, 2016