CVE-2017-2989: Input Validation
First published: Wed Apr 12 2017(Updated: )
Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Campaign | <=6.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-2989?
CVE-2017-2989 is considered a critical vulnerability due to its potential to allow unauthorized access and manipulation of the Campaign database.
How do I fix CVE-2017-2989?
To fix CVE-2017-2989, update Adobe Campaign to version 6.11 or later.
What types of data could be affected by CVE-2017-2989?
CVE-2017-2989 could allow an attacker to read, write, or delete any data stored in the Campaign database.
What versions of Adobe Campaign are affected by CVE-2017-2989?
Adobe Campaign versions Build 8770 and earlier are affected by CVE-2017-2989.
Who should be concerned about CVE-2017-2989?
Organizations using affected versions of Adobe Campaign should be concerned about CVE-2017-2989 due to the risk of data breaches.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/type
- vendor/adobe
- canonical/adobe campaign
- version/adobe campaign/6.11