CVE-2019-7847: XEE
First published: Thu Jul 18 2019(Updated: )
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current user.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Campaign | <=18.10.5.8984 | |
| Linux Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Adobe Campaign Classic vulnerability?
The vulnerability ID for this Adobe Campaign Classic vulnerability is CVE-2019-7847.
What is the severity level of CVE-2019-7847?
The severity level of CVE-2019-7847 is high with a CVSS score of 7.5.
What is the description of CVE-2019-7847?
CVE-2019-7847 is an Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Adobe Campaign Classic version 18.10.5-8984 and earlier versions. Successful exploitation could lead to arbitrary read access to the file system in the context of the current user.
Which software versions are affected by CVE-2019-7847?
Adobe Campaign Classic version 18.10.5-8984 and earlier versions are affected by CVE-2019-7847.
How can I fix CVE-2019-7847?
To fix CVE-2019-7847, update Adobe Campaign Classic to a version that is not impacted by the vulnerability.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/adobe
- canonical/adobe campaign
- version/adobe campaign/18.10.5.8984
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows