Adobe has released a security update for Adobe Campaign Classic. This update addresses vulnerabilities rated Critical, Important and Moderate that could result in arbitrary code execution.
|Adobe Campaign Classic
||18.10.5-8984 (and earlier versions)||Windows and Linux|
Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:
|Product||Updated version||Platform||Priority rating||Availability|
|Adobe Campaign||19.1.4-9031||Windows and Linux||3||Release Notes
|Vulnerability Category||Vulnerability Impact||Severity||CVE Number|
|Insufficient input validation||Information Disclosure||Important||CVE-2019-7843|
|Improper error handling||Information Disclosure||Moderate||CVE-2019-7846|
|Inadequate access control||Information Disclosure||Moderate||CVE-2019-7848|
|Command injection||Arbitrary Code Execution||Critical||CVE-2019-7850|
Adobe would like to thank Olivier Guerra of Aon's Cyber Solutions for reporting this issue (CVE-2019-7843) and for working with Adobe to help protect our customers.
June 14, 2019: Removed reference to CVE-2019-7849. This CVE was erroneously included in the original bulletin content.
July 31, 2019: Changed updated version from 19.1.1-9026 to 19.1.4-9031 due to regression in the former.
August 15, 2019: Updated Severity of CVE-2019-7850 to Critical.
August 19, 2019: Removed references to CVE-2019-7941 & CVE-2019-7847. These CVEs were erroneously included in the original bulletin content.
May 14, 2020: Modified the summary to reflect the critical, important and moderate severity vulnerabilities referenced in this bulletin.