exploitDog

GHSA-63w7-2rqx-q97m

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources.

Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources.

Ссылки

EPSS

Процентиль: 71%

0.00672

Низкий

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2021-21009

CVSS3: 8.6

nvd

около 5 лет назад

Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources.

BDU:2021-00656

CVSS3: 8.6

fstec

около 5 лет назад

Уязвимость программной платформы для проведения маркетинговых кампании как в онлайн, так и в офлайн режиме Adobe Campaign Classic, связанная с недостаточной проверкой поступающих запросов, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 71%

0.00672

Низкий

CVE ID

Дефекты

CWE-918