CVE-2021-21009

Name of the Vulnerable Software and Affected Versions Adobe Campaign Classic Gold Standard versions 10 and earlier Adobe Campaign Classic versions 20.3.1 and earlier Adobe Campaign Classic versions 20.2.3 and earlier Adobe Campaign Classic versions 20.1.3 and earlier Adobe Campaign Classic versions 19.2.3 and earlier Adobe Campaign Classic versions 19.1.7 and earlier

Description The issue is related to a server-side request forgery (SSRF) vulnerability due to insufficient validation of incoming requests. This could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources, potentially gaining unauthorized access to protected information.

Recommendations For Adobe Campaign Classic Gold Standard version 10 and earlier, update to a version later than 10 to resolve the issue. For Adobe Campaign Classic version 20.3.1 and earlier, update to a version later than 20.3.1 to resolve the issue. For Adobe Campaign Classic version 20.2.3 and earlier, update to a version later than 20.2.3 to resolve the issue. For Adobe Campaign Classic version 20.1.3 and earlier, update to a version later than 20.1.3 to resolve the issue. For Adobe Campaign Classic version 19.2.3 and earlier, update to a version later than 19.2.3 to resolve the issue. For Adobe Campaign Classic version 19.1.7 and earlier, update to a version later than 19.1.7 to resolve the issue.