Path Traversal Vulnerability in Adobe Campaign Version 21.2.1 and Earlier: Arbitrary Server File Reading
CVE-2021-40745 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server.
Learn more about our Cis Benchmark Audit For Server Software.