Path Traversal Vulnerability in Adobe Campaign Version 21.2.1 and Earlier: Arbitrary Server File Reading

Path Traversal Vulnerability in Adobe Campaign Version 21.2.1 and Earlier: Arbitrary Server File Reading

CVE-2021-40745 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server.

Learn more about our Cis Benchmark Audit For Server Software.