Home / Early Warning / Vulnerabilidades / CVE-2021-21009

CVE-2021-21009

Type: 
Server-Side Request Forgery (SSRF)
Severity: 
Medium
Publication date: 
01/13/2021
Last modified: 
01/21/2021
Description
Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:campaign_classic:*:*:*:*:gold_standard:*:*:*
  • cpe:2.3:a:adobe:campaign_classic:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields