CVE-2017-2989

CRITICAL

Adobe Campaign Build 8770 and earlier - Unauthenticated Data Manipulation via Input Validation Bypass

Title source: llm
STIX 2.1

Description

Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97552

Scores

CVSS v3 9.1
EPSS 0.0369
EPSS Percentile 88.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-20
Status published
Products (2)
adobe/campaign < 6.11
n/a/Adobe Campaign Build 8770 and earlier. Adobe Campaign Build 8770 and earlier.
Published Apr 12, 2017
Tracked Since Feb 18, 2026