Main Vulnerability Database Vulnerabilities #VU5821

#VU5821 Privilege escalation in Adobe Campaign - CVE-2017-2968

Published: February 14, 2017 / Updated: February 14, 2017

Vulnerability identifier: #VU5821

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2017-2968

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Campaign

Software vendor:
Adobe

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges.

The vulnerability exists due to unknown error in Adobe Campaign. A remote authenticated user with access to the client console can obtain read and write privileges to the system.

Remediation

Install the latest version Adobe Campaign v6.11 16.8 Build 8757.

External links

https://helpx.adobe.com/security/products/campaign/apsb17-06.html